CVE-2017-9083

Published: 19 May 2017

poppler 0.54.0, as used in Evince and other products, has a NULL pointer dereference in the JPXStream::readUByte function in JPXStream.cc. For example, the perf_test utility will crash (segmentation fault) when parsing an invalid PDF file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
luatex
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)
poppler
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 18.04 LTS (Bionic Beaver)
Released (0.48.0-2ubuntu3)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (0.41.0-0ubuntu1.2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [0.24.5-2ubuntu4.5])
texlive-bin
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not built)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not built)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [code not built])

Notes

AuthorNote
seth-arnold
I didn't inspect texlive-bin or luatex closely since I didn't
spot a patch quickly
mdeslaur
while Debian uses openjpeg, Ubuntu uses the internal JPX
decoder
texlive-bin is built with --with-system-poppler and
--with-system-xpdf, so embedded code copy isn't used.

References

Bugs