CVE-2024-29509

8.8 HIGH

📋 TL;DR

This vulnerability in Artifex Ghostscript allows a heap-based buffer overflow when processing PDF passwords containing null bytes. Attackers could potentially execute arbitrary code or cause denial of service. Systems using Ghostscript for PDF processing are affected.

💻 Affected Systems

Products:
  • Artifex Ghostscript
Versions: All versions before 10.03.0
Operating Systems: All platforms running Ghostscript
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any system using Ghostscript for PDF processing, including web applications, document management systems, and print servers.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Denial of service causing Ghostscript crashes and disruption of PDF processing services.

🟢 If Mitigated: Limited impact if Ghostscript runs in sandboxed environments with minimal privileges.

🌐 Internet-Facing: HIGH - PDF processing services exposed to the internet could be directly targeted.
🏢 Internal Only: MEDIUM - Internal users could exploit via malicious PDFs, but requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting PDFs with specific password encoding, but technical details are publicly available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.03.0

Vendor Advisory: https://bugs.ghostscript.com/show_bug.cgi?id=707510

Restart Required: Yes

Instructions:

1. Download Ghostscript 10.03.0 or later from official sources.
2. Stop all Ghostscript services.
3. Install the updated version.
4. Restart services.
5. Verify the update.

🔧 Temporary Workarounds

Disable PDF password processing

all

Configure Ghostscript to reject PDFs with passwords or disable password processing features

Modify Ghostscript configuration to set -dNOSAFER=false or restrict PDF input sources

Input validation wrapper

all

Implement pre-processing to detect and reject PDFs with null bytes in passwords

Create script to scan PDF metadata before passing to Ghostscript

🧯 If You Can't Patch

  • Isolate Ghostscript services in network segments with strict access controls
  • Implement application allowlisting to prevent unauthorized Ghostscript execution

🔍 How to Verify

Check if Vulnerable:

Run 'gs --version' and check if version is below 10.03.0

Check Version:

gs --version

Verify Fix Applied:

Confirm version is 10.03.0 or higher with 'gs --version'
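
The version check above as an added example (not from the vendor advisory or from this page's source): a POSIX shell script that compares `gs --version` output with 10.03.0 field by field, because a plain string comparison would rank 9.56.1 above 10.03.0. The function names `ver_field`, `ver_lt` and `gs_status` and the status labels are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify a Ghostscript version against the fixed release.
FIXED_VERSION="10.03.0"   # patch version stated on this page

# Print field $2 of dotted version $1 as a plain integer.
# Missing or non-numeric fields count as 0, so "9.27" is read as 9.27.0.
ver_field() {
    f=$(printf '%s..' "$1" | cut -d. -f"$2")
    case "$f" in ''|*[!0-9]*) f=0 ;; esac
    f=${f#"${f%%[!0]*}"}   # drop leading zeros: "03" -> "3", "09" -> "9"
    printf '%s' "${f:-0}"
}

# Succeed (exit 0) only when version $1 is numerically older than $2.
ver_lt() {
    for i in 1 2 3; do
        a=$(ver_field "$1" "$i")
        b=$(ver_field "$2" "$i")
        [ "$a" -lt "$b" ] && return 0
        [ "$a" -gt "$b" ] && return 1
    done
    return 1   # equal versions are not older
}

# Print VULNERABLE, PATCHED or UNKNOWN for one `gs --version` string.
gs_status() {
    case "$1" in
        [0-9]*) ;;
        *) echo UNKNOWN; return 0 ;;
    esac
    if ver_lt "$1" "$FIXED_VERSION"; then
        echo VULNERABLE
    else
        echo PATCHED
    fi
}

# Versions passed as arguments are checked; otherwise the local gs, if any.
if [ "$#" -gt 0 ]; then
    for v in "$@"; do
        printf '%s\t%s\n' "$v" "$(gs_status "$v")"
    done
elif command -v gs >/dev/null 2>&1; then
    v=$(gs --version 2>/dev/null)
    printf '%s\t%s\n' "$v" "$(gs_status "$v")"
fi
```

Distribution packages can carry a backported fix without changing the version that `gs --version` reports, so a VULNERABLE result on a packaged build should be confirmed against the package changelog.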

📡 Detection & Monitoring

Log Indicators:

  • Ghostscript crash logs
  • Unexpected process termination
  • Memory access violation errors

Network Indicators:

  • Unusual PDF uploads to processing services
  • Spike in failed PDF processing requests

SIEM Query:

source="ghostscript.log" AND ("segmentation fault" OR "heap overflow" OR "access violation")
