CVE-2024-29507

5.4 MEDIUM

📋 TL;DR

This CVE describes a stack-based buffer overflow vulnerability in Artifex Ghostscript when processing CIDFSubstPath and CIDFSubstFont parameters. Attackers could potentially execute arbitrary code or cause denial of service by exploiting this overflow. Systems using Ghostscript for PDF/PostScript processing are affected.

💻 Affected Systems

Products:
  • Artifex Ghostscript
Versions: All versions before 10.03.0
Operating Systems: All platforms running Ghostscript
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when processing documents with malicious CIDFSubstPath/CIDFSubstFont parameters.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Denial of service causing Ghostscript crashes and disruption of document processing services.

🟢 If Mitigated

Limited impact with proper sandboxing and privilege separation, potentially just crashes.

🌐 Internet-Facing: MEDIUM - Requires processing malicious documents, but many internet-facing systems accept document uploads.
🏢 Internal Only: MEDIUM - Internal users could exploit via malicious documents, but requires user interaction or automated processing.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires crafting malicious documents that trigger the buffer overflow via specific parameters.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.03.0

Vendor Advisory: https://bugs.ghostscript.com/show_bug.cgi?id=707510

Restart Required: Yes

Instructions:

1. Download Ghostscript 10.03.0 or later from official sources.
2. Stop all Ghostscript services.
3. Install the updated version.
4. Restart services.
5. Verify the update.

🔧 Temporary Workarounds

Disable Ghostscript in document processing pipelines

all

Temporarily remove Ghostscript from document conversion/processing workflows

Sandbox Ghostscript execution

linux

Run Ghostscript in isolated containers or with minimal privileges

docker run --read-only --cap-drop=ALL ghostscript

🧯 If You Can't Patch

  • Implement strict input validation for documents processed by Ghostscript
  • Deploy network segmentation to isolate Ghostscript servers from critical systems

🔍 How to Verify

Check if Vulnerable:

Run 'gs --version' and check if version is below 10.03.0

Check Version:

gs --version

Verify Fix Applied:

Confirm 'gs --version' returns 10.03.0 or higher
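
Comparing version strings as text gets this check wrong (9.56.1 sorts above 10.03.0), so the following added example, which is not part of the original advisory, compares the fields numerically. The function names are illustrative and the sample versions are constructed.

```shell
#!/bin/sh
# Added example: numeric check of a Ghostscript version against the fixed
# release named in this advisory. Function names are illustrative.
FIXED_VERSION="10.03.0"

# Turn "major.minor[.patch]" into one integer (10.03.0 -> 10003000).
# Leading zeros such as "03" or "09" are read as decimal by awk.
# Prints nothing and returns 1 if the input is not a dotted version.
gs_version_key() {
    printf '%s\n' "$1" | awk -F. '
        /^[0-9]+\.[0-9]+(\.[0-9]+)?$/ { printf "%d%03d%03d\n", $1, $2, $3; ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# Returns 0 if the version is below the fixed release (vulnerable),
# 1 if it is the fixed release or later, 2 if it cannot be parsed.
gs_is_vulnerable() {
    key=$(gs_version_key "$1") || return 2
    fixed=$(gs_version_key "$FIXED_VERSION") || return 2
    [ "$key" -lt "$fixed" ]
}

# Print a one-line verdict for a version string.
gs_report() {
    rc=0
    gs_is_vulnerable "$1" || rc=$?
    case $rc in
        0) echo "VULNERABLE: Ghostscript $1 is below $FIXED_VERSION" ;;
        1) echo "OK: Ghostscript $1 is $FIXED_VERSION or later" ;;
        *) echo "UNKNOWN: cannot parse version string '$1'" ;;
    esac
}

# Constructed sample versions, including one unparseable value.
for v in 9.56.1 10.02.1 10.03.0 10.03.1 "not-a-version"; do
    gs_report "$v"
done

# Check the locally installed binary, if there is one on PATH.
if command -v gs >/dev/null 2>&1; then
    gs_report "$(gs --version 2>/dev/null)"
fi
```

An UNKNOWN result should be treated as unverified rather than as patched.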

📡 Detection & Monitoring

Log Indicators:

  • Ghostscript crash logs
  • Unexpected process termination
  • Memory access violation errors

Network Indicators:

  • Unusual document upload patterns to Ghostscript services

SIEM Query:

process_name:"gs" AND (event_type:"crash" OR exit_code:139)
