Security News > 2024 > July > RCE bug in widely used Ghostscript library now exploited in attacks
A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks.
Ghostscript comes pre-installed on many Linux distributions and is used by various document conversion software, including ImageMagick, LibreOffice, GIMP, Inkscape, Scribus, and the CUPS printing system.
Ps While the Ghostscript development team patched the security flaw in May, Codean Labs published a write-up with technical details and proof-of-concept exploit code two months later.
Attackers are already exploiting the CVE-2024-29510 Ghostscript vulnerability in the wild, using EPS files camouflaged as JPG files to get shell access to vulnerable systems.
"The best mitigation against this vulnerability is to update your installation of Ghostscript to v10.03.1. If your distribution does not provide the latest Ghostscript version, it might still have released a patch version containing a fix for this vulnerability," Codean Labs added.
One year ago, the Ghostscript developers patched another critical RCE flaw also triggered by opening maliciously crafted files on unpatched systems.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-03 | CVE-2024-29510 | Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. | 0.0 |