CLSA-2026-1778749215 ghostscript: Fix of 2 CVEs

CVE-2024-29508: heap pointer disclosure in pdfbasefontalloc via synthesized BaseFont name - CVE-2025-48708: argument sanitisation missed '' separator, leaking -sUserPasswordsecret values into output PDF metadata...

CLSA-2026-1776333493 ghostscript: Fix of CVE-2024-29508

CVE-2024-29508: fix heap-based pointer disclosure in pdfbasefontalloc...

Unbreakable Enterprise kernel security update

5.4.17-2136.350.3.1 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38744458 - fbcon: fix integer overflow in font allocation Samasth Norway Ananda Orabug: 38744453 5.4.17-2136.350.3 - net/rds: Fix rsrecvpending counting issue Gerd Rausch Orabug: 38506370...

OESA-2024-2161 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in...

The vulnerability of the pdf_base_font_alloc() function in the software suite for processing, transforming, and generating Ghostscript documents allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the pdfbasefontalloc function in the software suite for processing, transforming, and generating Ghostscript documents is related to buffer overflows caused by improper scaling of the pointer "".F" PRIINTPTR". Exploitation of this vulnerability could allow a malicious actor t...

UBUNTU-CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...