CVE-2024-7868

2024-08-1500:00:00

ubuntu.com

xpdf

dct decoder

jpeg

uninitialized variable

segfault

pdf

poppler

backend library

CVSS4

2.1

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:L/SA:N

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

17.7%

JSON

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can
lead to an uninitialized variable in the DCT decoder. The proof-of-concept
PDF file causes a segfault attempting to read from an invalid address.

Notes

Author	Note
mdeslaur	In trusty to bionic, xpdf is built with poppler as the backend library, so most xpdf issues don’t apply to it. In jammy and later, the xpdf package is actually xpopple, a fork that also builds against poppler.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchipe< anyUNKNOWN
ubuntu20.04noarchipe< anyUNKNOWN
ubuntu22.04noarchipe< anyUNKNOWN
ubuntu24.04noarchipe< anyUNKNOWN
ubuntu16.04noarchipe< anyUNKNOWN
ubuntu18.04noarchxpdf< anyUNKNOWN
ubuntu22.04noarchxpdf< anyUNKNOWN
ubuntu24.04noarchxpdf< anyUNKNOWN
ubuntu16.04noarchxpdf< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	ipe	< any	UNKNOWN
ubuntu	20.04	noarch	ipe	< any	UNKNOWN
ubuntu	22.04	noarch	ipe	< any	UNKNOWN
ubuntu	24.04	noarch	ipe	< any	UNKNOWN
ubuntu	16.04	noarch	ipe	< any	UNKNOWN
ubuntu	18.04	noarch	xpdf	< any	UNKNOWN
ubuntu	22.04	noarch	xpdf	< any	UNKNOWN
ubuntu	24.04	noarch	xpdf	< any	UNKNOWN
ubuntu	16.04	noarch	xpdf	< any	UNKNOWN