Skip to content

Instantly share code, notes, and snippets.

@spookhorror

spookhorror/MuPDF v1.21.1 DoS

Created October 29, 2023 14:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save spookhorror/c770d118767b1b0d89fdfe2845169d06 to your computer and use it in GitHub Desktop.
Save spookhorror/c770d118767b1b0d89fdfe2845169d06 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
MuPDF v1.21.1 DoS
Hello everyone,
I have discovered a Denial of Service (DoS) issue in MuPDF v1.21.1. Additionally, CVE-2023-31794 has been assigned to this issue.
Impact:
DoS
Description:
MuPDF v1.21.1 has been found to contain a vulnerability that allows for infinite recursion in the component pdf_mark_list_push. This vulnerability enables attackers to trigger a Denial of Service (DoS) by using a crafted PDF file.
Reference:
https://bugs.ghostscript.com/show_bug.cgi?id=706506
https://git.ghostscript.com/?p=mupdf.git;h=c0015401693b58e2deb5d75c39f27bc1216e47c6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment