vulnerability
Oracle Linux: CVE-2020-27792: ELSA-2025-4362: ghostscript security update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:M/Au:N/C:N/I:C/A:C) | Nov 6, 2019 | May 1, 2025 | Dec 3, 2025 |
Severity
6
CVSS
(AV:L/AC:M/Au:N/C:N/I:C/A:C)
Published
Nov 6, 2019
Added
May 1, 2025
Modified
Dec 3, 2025
Description
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.
Solutions
oracle-linux-upgrade-ghostscriptoracle-linux-upgrade-ghostscript-docoracle-linux-upgrade-ghostscript-tools-dvipdforacle-linux-upgrade-ghostscript-tools-fontsoracle-linux-upgrade-ghostscript-tools-printingoracle-linux-upgrade-ghostscript-x11oracle-linux-upgrade-libgsoracle-linux-upgrade-libgs-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.