CVE-2024-4141
Published: 24 April 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
Notes
Author | Note |
---|---|
mdeslaur | In trusty to bionic, xpdf is built with poppler as the backend library, so most xpdf issues don't apply to it. In jammy and later, the xpdf package is actually xpopple, a fork that also builds against poppler. |
Priority
Status
Package | Release | Status |
---|---|---|
ipe Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
mantic |
Needs triage
|
|
noble |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
xpdf Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Does not exist
|
|
jammy |
Needs triage
|
|
mantic |
Needs triage
|
|
noble |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|