CVE-2024-29506

8.8 HIGH

📋 TL;DR

This vulnerability is a stack-based buffer overflow in Artifex Ghostscript's pdfi_apply_filter() function that can be triggered by a malicious PDF file with an overly long filter name. Attackers could exploit this to execute arbitrary code or cause denial of service. Any system processing PDF files with vulnerable Ghostscript versions is affected.

💻 Affected Systems

Products:
  • Artifex Ghostscript
Versions: All versions before 10.03.0
Operating Systems: All operating systems running Ghostscript
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using Ghostscript libraries for PDF processing is vulnerable when handling untrusted PDF files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with the privileges of the Ghostscript process, potentially leading to full system compromise.

🟠 Likely Case

Denial of service (application crash) when processing malicious PDF files.

🟢 If Mitigated

Limited impact if Ghostscript runs in sandboxed environments with minimal privileges.

🌐 Internet-Facing: HIGH - PDF processing services exposed to untrusted input are vulnerable.
🏢 Internal Only: MEDIUM - Internal systems processing user-uploaded PDFs remain at risk.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting a malicious PDF file, but no public proof-of-concept is available yet.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.03.0

Vendor Advisory: https://bugs.ghostscript.com/show_bug.cgi?id=707510

Restart Required: Yes

Instructions:

1. Download Ghostscript 10.03.0 or later from official sources.
2. Stop all Ghostscript services.
3. Install the updated version.
4. Restart services.

🔧 Temporary Workarounds

Disable PDF processing (platform: all)

Temporarily disable Ghostscript PDF processing in applications until patched.

Sandbox Ghostscript (platform: linux)

Run Ghostscript in a container or with reduced privileges to limit impact.

docker run --read-only --cap-drop=ALL ghostscript

🧯 If You Can't Patch

  • Implement strict input validation to reject PDFs with unusually long filter names.
  • Deploy network segmentation to isolate Ghostscript services from untrusted networks.

🔍 How to Verify

Check if Vulnerable:

Run 'gs --version'. The installation is vulnerable if the reported version is below 10.03.0.

Check Version:

gs --version

Verify Fix Applied:

Confirm version is 10.03.0 or higher using 'gs --version'.
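
The version check above, scripted so it can run across many hosts. This is an added example, not part of the advisory; the function names are hypothetical. It compares components numerically, because a plain string comparison ranks "9.56.1" above "10.03.0" and would report an affected host as fixed.

```sh
#!/bin/sh
FIXED_VERSION="10.03.0"   # fixed release named in the advisory

# Print a numeric component without leading zeros ("03" -> "3", "00" -> "0").
strip_zeros() {
    n=$1
    while [ "${n#0}" != "$n" ] && [ -n "${n#0}" ]; do n=${n#0}; done
    printf '%s' "$n"
}

# version_lt A B: succeed if A < B, comparing dot-separated components as
# decimal numbers; a missing component counts as 0 ("9.27" == "9.27.0").
version_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ac=${a%%.*}; bc=${b%%.*}
        ac=$(strip_zeros "${ac:-0}"); bc=$(strip_zeros "${bc:-0}")
        [ "$ac" -lt "$bc" ] && return 0
        [ "$ac" -gt "$bc" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1   # versions are equal
}

# gs_is_vulnerable VERSION (hypothetical helper name):
#   0 = below the fixed release, 1 = fixed release or later,
#   2 = not a plain dotted numeric version (e.g. empty or a vendor suffix).
gs_is_vulnerable() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 2 ;;
    esac
    version_lt "$1" "$FIXED_VERSION"
}

# Report on the local install only when gs is on PATH.
if command -v gs >/dev/null 2>&1; then
    v=$(gs --version 2>/dev/null || true)
    rc=0; gs_is_vulnerable "$v" || rc=$?
    case $rc in
        0) echo "gs $v: affected (below $FIXED_VERSION)" ;;
        1) echo "gs $v: $FIXED_VERSION or later" ;;
        *) echo "gs '$v': unrecognised version string, check manually" ;;
    esac
fi
```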

📡 Detection & Monitoring

Log Indicators:

  • Ghostscript crash logs
  • Application errors when processing PDF files

Network Indicators:

  • Unusual PDF file uploads to services using Ghostscript

SIEM Query:

source="*ghostscript*" AND (event="crash" OR event="segfault")
