CVE-2024-29506: 
Ghostscript vulnerability analysis and mitigation

Artifex Ghostscript before version 10.03.0 contains a stack-based buffer overflow vulnerability in the pdfiapplyfilter() function. The vulnerability can be triggered via a long PDF filter name when the PDFDEBUG flag is enabled (NVD, OSS Security).

The vulnerability exists in the pdfiapplyfilter() function where the PDFDEBUG flag controls the value of ctx->args.debug. When enabled, it performs a memcpy operation into a fixed-size stack buffer of 100 bytes without proper bounds checking. The input (n->data, representing the PDF filter name) is an attacker-controlled buffer of arbitrary size, and a filter name larger than 100 bytes will overflow the 'str' buffer (OSS Security). The vulnerability has been assigned a CVSS v3.1 Base Score of 8.8 HIGH (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) (NVD).

The successful exploitation of this vulnerability could lead to stack buffer overflow, potentially resulting in arbitrary code execution with the privileges of the Ghostscript process. The high CVSS score indicates that successful exploitation could lead to a complete compromise of confidentiality, integrity, and availability of the target system (NVD).

The vulnerability has been fixed in Ghostscript version 10.03.0. Users are advised to upgrade to this version or later. The fix was implemented through commit 77dc7f699beba606937b7ea23b50cf5974fa64b1 in the Ghostscript repository (Ghostscript Bug).