GitLab

Bugzilla ID	128
Alias(es)	CVE-2019-10871, CVE-2019-14494, CVE-2019-9543, CVE-2019-9545, CVE-2019-9959
Reporter	Max Rees (sroracle)
Assignee	Max Rees (sroracle)
Reported	2019-07-29 04:21:38 -0500
Modified	2020-06-22 06:08:42 -0500
Status	CONFIRMED
Version	1.0-BETA3
Hardware	Adélie Linux / All
Importance	--- / minor
Package(s)	user/poppler

Description

CVE-2019-9543: https://nvd.nist.gov/vuln/detail/CVE-2019-9543

An issue was discovered in Poppler 0.74.0. A recursive function call,
in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be
triggered by sending a crafted pdf file to (for example) the
pdfseparate binary. It allows an attacker to cause Denial of Service
(Segmentation fault) or possibly have unspecified other impact. This
is related to JArithmeticDecoder::decodeBit.

Wait on upstream: https://gitlab.freedesktop.org/poppler/poppler/issues/730

CVE-2019-9545: https://nvd.nist.gov/vuln/detail/CVE-2019-9545

An issue was discovered in Poppler 0.74.0. A recursive function call,
in JBIG2Stream::readTextRegion() located in JBIG2Stream.cc, can be
triggered by sending a crafted pdf file to (for example) the pdfimages
binary. It allows an attacker to cause Denial of Service (Segmentation
fault) or possibly have unspecified other impact. This is related to
JBIG2Bitmap::clearToZero.

Wait on upstream: https://gitlab.freedesktop.org/poppler/poppler/issues/731

CVE-2019-10871: https://nvd.nist.gov/vuln/detail/CVE-2019-10871

An issue was discovered in Poppler 0.74.0. There is a heap-based
buffer over-read in the function PSOutputDev::checkPageSlice at
PSOutputDev.cc.

Wait on upstream: https://gitlab.freedesktop.org/poppler/poppler/issues/751