CVE-2025-27835
Published: 25 March 2025
Description
An adversary may rely upon a user opening a malicious file in order to gain execution.
Security Summary
CVE-2025-27835 is a buffer overflow vulnerability (CWE-120) discovered in Artifex Ghostscript versions before 10.05.0. The flaw occurs in the psi/zbfont.c component during the conversion of glyphs to Unicode, which can lead to memory corruption when processing malformed input.
The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A local attacker with no privileges can exploit it by tricking a user into processing a specially crafted file with an affected Ghostscript instance, such as via a PDF viewer or command-line invocation. Successful exploitation could allow arbitrary code execution with the privileges of the Ghostscript process, resulting in high impacts to confidentiality, integrity, and availability.
Advisories recommend upgrading to Ghostscript 10.05.0 or later to mitigate the issue. Additional details are available in the Ghostscript bug report at https://bugs.ghostscript.com/show_bug.cgi?id=708131 and the Debian LTS announcement at https://lists.debian.org/debian-lts-announce/2025/04/msg00014.html.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in Ghostscript file processing (glyph/Unicode conversion) enables arbitrary code execution via crafted malicious file opened by user, directly mapping to client-side exploitation and malicious file delivery.