home  bbs  files  messages ]

      ZZLI4416             linux.debian.bugs.dist             15094 messages      

[ previous | next | reply ]

[ list messages | list forums ]

  Msg # 122 of 15094 on ZZLI4416, Monday 10-12-25, 1:12  
  From: SALVATORE BONACCORSO  
  To: ALL  
  Subj: Bug#1117853: poppler: CVE-2025-52885  
 From: carnil@debian.org 
  
 Source: poppler 
 Version: 25.03.0-10 
 Severity: grave 
 Tags: security upstream 
 Justification: user security hole 
 X-Debbugs-Cc: carnil@debian.org, Debian Security Team  
  
 Hi, 
  
 The following vulnerability was published for poppler. 
  
 CVE-2025-52885[0]: 
 | Poppler ia a library for rendering PDF files, and examining or 
 | modifying their structure. A use-after-free (write) vulnerability 
 | has been detected in versions Poppler prior to 25.10.0 within the 
 | StructTreeRoot class. The issue arises from the use of raw pointers 
 | to elements of a `std::vector`, which can lead to dangling pointers 
 | when the vector is resized. The vulnerability stems from the way 
 | that refToParentMap stores references to `std::vector` elements 
 | using raw pointers. These pointers may become invalid when the 
 | vector is resized. This vulnerability is a common security problem 
 | involving the use of raw pointers to `std::vectors`. Internally, 
 | `std::vector `stores its elements in a dynamically allocated array. 
 | When the array reaches its capacity and a new element is added, the 
 | vector reallocates a larger block of memory and moves all the 
 | existing elements to the new location. At this point if any pointers 
 | to elements are stored before a resize occurs, they become dangling 
 | pointers once the reallocation happens. Version 25.10.0 contains a 
 | patch for the issue. 
  
  
 If you fix the vulnerability please also make sure to include the 
 CVE (Common Vulnerabilities & Exposures) id in your changelog entry. 
  
 For further information see: 
  
 [0] https://security-tracker.debian.org/tracker/CVE-2025-52885 
     https://www.cve.org/CVERecord?id=CVE-2025-52885 
 [1] https://securitylab.github.com/advisories/GHSL-2025-042_poppler/ 
 [2] https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884 
 [3] https://gitlab.freedesktop.org/poppler/poppler/-/commit/4ce2 
 cc826bf90cc8dbbd8a8c87bd913cccd7ec0 
  
 Please adjust the affected versions in the BTS as needed. 
  
 Regards, 
 Salvatore 
  
 --- SoupGate-Win32 v1.05 
  * Origin: you cannot sedate... all the things you hate (1:229/2) 

[ list messages | list forums | previous | next | reply ]

search for:

328,117 visits
(c) 1994,  bbs@darkrealms.ca