Segmentation fault in mupdf&mutool
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mupdf (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
Package: mupdf
Version: Bionic (1.12.0+ds1-1)
Hi,
We found a heap-buffer-
This affects ubuntu Bionic (1.12.0+ds1-1).
Crash happennd at ensure_solid_xref (pdf-xref.c:211):
209 for (i =0; i < sub->len; i++)
210 {
211 new_sub-
212 }
the variable "sub->start" could be a big number at run time, which cause this crash.
We have submit this issue to the developers, testcase can be found at:
https:/
run the sample with command:
mutool draw poc.pdf
or:
mupdf poc.pdf
We found this vulnerability is not fixed in newly ubuntu 18.04
Thanks for reporting this vulnerability. Are you planning on requesting a CVE id for it?