Ghostscript Vulnerability Actively Exploited in Attacks

31-July-24

A critical remote code execution (RCE) vulnerability, CVE-2024-29510, has been identified in the Ghostscript library, which is widely used on Linux systems for processing PostScript and PDF files. This vulnerability, a format string flaw, affects Ghostscript versions 10.03.0 and earlier, allowing attackers to bypass the -dSAFER sandbox and perform high-risk operations like command execution and file manipulation. Exploited via EPS files disguised as JPGs, the vulnerability poses severe risks to applications relying on Ghostscript, such as ImageMagick and LibreOffice. Despite a patch released in May, active exploitation continues, highlighting the urgency for users to update to version 10.03.1 or a patched version provided by their distribution.
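A defender-side check for the two conditions described above, added here as an example and not taken from the article or the Ghostscript project: it compares a Ghostscript version string against 10.03.1 and scans a directory for files named .jpg/.jpeg whose leading bytes are not JPEG. The function names and the 64-byte read size are assumptions of this example.

```python
import re
import sys
from pathlib import Path

FIXED = (10, 3, 1)                   # fixed release named in the article
IMAGE_EXTS = {".jpg", ".jpeg"}
JPEG_MAGIC = b"\xff\xd8\xff"
PS_MAGIC = b"%!PS"                   # PostScript / EPS text header
DOS_EPS_MAGIC = b"\xc5\xd0\xd3\xc6"  # EPS wrapped in a binary preview header


def parse_version(text):
    """Turn a version string such as '10.03.0' into (10, 3, 0)."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def is_affected(version_text):
    """True for upstream versions below 10.03.1. Distribution packages may
    carry a backported fix under an older number, so confirm with the
    distribution's advisory before treating a hit as final."""
    return parse_version(version_text) < FIXED


def classify(head):
    """Classify a file by its leading bytes, ignoring the extension."""
    if head.startswith(JPEG_MAGIC):
        return "jpeg"
    text = head.lstrip(b"\xef\xbb\xbf \t\r\n")
    if head.startswith(DOS_EPS_MAGIC) or text.startswith(PS_MAGIC):
        return "postscript"
    return "other"


def find_disguised(root):
    """Return (relative path, kind) for .jpg/.jpeg files that are not JPEG."""
    hits = []
    for p in sorted(Path(root).rglob("*")):
        if p.is_file() and p.suffix.lower() in IMAGE_EXTS:
            with p.open("rb") as fh:
                kind = classify(fh.read(64))
            if kind != "jpeg":
                hits.append((str(p.relative_to(root)), kind))
    return hits


if __name__ == "__main__":
    for path, kind in find_disguised(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: named as JPEG, content looks like {kind}")
```

Run it against an upload or spool directory that feeds ImageMagick, LibreOffice or another Ghostscript consumer; any hit means the file's name and content disagree and it should not reach the converter unreviewed.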
