CVE-2023-43115
Description
Ghostscript through 10.01.2 allows remote code execution via crafted PostScript documents that switch to the IJS device or change IjsServer parameter after SAFER activation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
In Artifex Ghostscript versions through 10.01.2, the file gdevijs.c in GhostPDL contains a vulnerability that allows a crafted PostScript document to switch to the IJS device or change the IjsServer parameter after the SAFER sandbox has been activated. This bypasses the intended security restrictions.
Exploitation
An attacker can deliver a malicious PostScript document to a victim. When processed by Ghostscript, the document can invoke the IJS device or modify the IjsServer parameter, even though SAFER mode is active. No additional authentication or network position is required beyond the ability to supply the document.
Impact
Successful exploitation leads to remote code execution (RCE) with the privileges of the Ghostscript process. The attacker can execute arbitrary commands on the target system.
Mitigation
As of the publication date (2023-09-18), the vulnerability affects Ghostscript through 10.01.2. Users should upgrade to a patched version if available. The vendor has noted that the IJS server can be specified on the command line, and the IJS device inherently must execute a command to start the IJS server, indicating a design limitation. No specific workaround is provided in the available references.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE)
- (no CPE), range: <=10.01.2
- osv-coords, 38 versions:
  - pkg:apk/chainguard/ghostscript (no CPE), range: < 10.02.0-r0
  - pkg:apk/chainguard/ghostscript-dbg (no CPE), range: < 10.02.0-r0
  - pkg:apk/chainguard/ghostscript-dev (no CPE), range: < 10.02.0-r0
  - pkg:apk/chainguard/ghostscript-doc (no CPE), range: < 10.02.0-r0
  - pkg:apk/wolfi/ghostscript (no CPE), range: < 10.02.0-r0
  - pkg:apk/wolfi/ghostscript-dbg (no CPE), range: < 10.02.0-r0
  - pkg:apk/wolfi/ghostscript-dev (no CPE), range: < 10.02.0-r0
  - pkg:apk/wolfi/ghostscript-doc (no CPE), range: < 10.02.0-r0
  - pkg:rpm/almalinux/ghostscript (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/ghostscript-doc (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/ghostscript-tools-dvipdf (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/ghostscript-tools-fonts (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/ghostscript-tools-printing (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/ghostscript-x11 (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/libgs (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/almalinux/libgs-devel (no CPE), range: < 9.54.0-11.el9_2
  - pkg:rpm/opensuse/ghostscript&distro=openSUSE%20Leap%2015.4 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/opensuse/ghostscript&distro=openSUSE%20Leap%2015.5 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/opensuse/ghostscript&distro=openSUSE%20Tumbleweed (no CPE), range: < 9.56.1-6.1
  - pkg:rpm/opensuse/python-ocrmypdf&distro=openSUSE%20Tumbleweed (no CPE), range: < 17.4.2-1.1
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Enterprise%20Storage%207.1 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 9.52-23.60.1
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 9.52-23.60.1
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 9.52-23.60.1
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Manager%20Proxy%204.2 (no CPE), range: < 9.52-150000.173.2
  - pkg:rpm/suse/ghostscript&distro=SUSE%20Manager%20Server%204.2 (no CPE), range: < 9.52-150000.173.2
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IK3UXJ5HKMPAL5EQELJAWSRPA2AUOJJO/ (mitre, vendor-advisory)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PG5AQV7JOL5TAU76FWPJCMSKO5DREKV5/ (mitre, vendor-advisory)
- bugs.ghostscript.com/show_bug.cgi (mitre)
- ghostscript.com (mitre)
- git.ghostscript.com (mitre)