First published: Thu Aug 03 2023(Updated: )
Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27337) It was discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-34872)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libpoppler126 | <22.12.0-2ubuntu1.1 | 22.12.0-2ubuntu1.1 |
=23.04 | ||
All of | ||
ubuntu/libpoppler118 | <22.02.0-2ubuntu0.2 | 22.02.0-2ubuntu0.2 |
=22.04 | ||
All of | ||
ubuntu/libpoppler97 | <0.86.1-0ubuntu1.2 | 0.86.1-0ubuntu1.2 |
=20.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this advisory is CVE-2022-27337.
This vulnerability affects Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
The severity of CVE-2022-27337 is not mentioned in the advisory.
An attacker can exploit this vulnerability by using certain malformed PDF files to cause the poppler library to crash, resulting in a denial of service.
To fix this vulnerability, update the libpoppler126 package to version 22.12.0-2ubuntu1.1 (for Ubuntu 22.04 LTS and Ubuntu 23.04) or update the libpoppler97 package to version 0.86.1-0ubuntu1.2 (for Ubuntu 20.04 LTS).