usn-7378-1
Vulnerability from osv_ubuntu
It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27830)
It was discovered that Ghostscript incorrectly handled the DOCXWRITE TXTWRITE device. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-27831)
It was discovered that Ghostscript incorrectly handled the NPDL device. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27832)
It was discovered that Ghostscript incorrectly handled certain long TTF file names. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-27833)
It was discovered that Ghostscript incorrectly handled oversized Type 4 functions in certain PDF documents. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. (CVE-2025-27834)
It was discovered that Ghostscript incorrectly handled converting certain glyphs to Unicode. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27835)
It was discovered that Ghostscript incorrectly handled the BJ10V device. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-27836)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2025-27830",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27832",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27835",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27836",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:20.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ghostscript",
"binary_version": "9.50~dfsg-5ubuntu4.15"
},
{
"binary_name": "ghostscript-x",
"binary_version": "9.50~dfsg-5ubuntu4.15"
},
{
"binary_name": "libgs9",
"binary_version": "9.50~dfsg-5ubuntu4.15"
},
{
"binary_name": "libgs9-common",
"binary_version": "9.50~dfsg-5ubuntu4.15"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "ghostscript",
"purl": "pkg:deb/ubuntu/ghostscript@9.50~dfsg-5ubuntu4.15?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.50~dfsg-5ubuntu4.15"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.27~dfsg+0-0ubuntu3",
"9.27~dfsg+0-0ubuntu4",
"9.50~dfsg-5ubuntu1",
"9.50~dfsg-5ubuntu2",
"9.50~dfsg-5ubuntu3",
"9.50~dfsg-5ubuntu4",
"9.50~dfsg-5ubuntu4.1",
"9.50~dfsg-5ubuntu4.2",
"9.50~dfsg-5ubuntu4.3",
"9.50~dfsg-5ubuntu4.4",
"9.50~dfsg-5ubuntu4.5",
"9.50~dfsg-5ubuntu4.6",
"9.50~dfsg-5ubuntu4.7",
"9.50~dfsg-5ubuntu4.8",
"9.50~dfsg-5ubuntu4.9",
"9.50~dfsg-5ubuntu4.10",
"9.50~dfsg-5ubuntu4.11",
"9.50~dfsg-5ubuntu4.12",
"9.50~dfsg-5ubuntu4.13",
"9.50~dfsg-5ubuntu4.14"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2025-27830",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27831",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27832",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27834",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27835",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27836",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ghostscript",
"binary_version": "9.55.0~dfsg1-0ubuntu5.11"
},
{
"binary_name": "ghostscript-x",
"binary_version": "9.55.0~dfsg1-0ubuntu5.11"
},
{
"binary_name": "libgs9",
"binary_version": "9.55.0~dfsg1-0ubuntu5.11"
},
{
"binary_name": "libgs9-common",
"binary_version": "9.55.0~dfsg1-0ubuntu5.11"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "ghostscript",
"purl": "pkg:deb/ubuntu/ghostscript@9.55.0~dfsg1-0ubuntu5.11?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.55.0~dfsg1-0ubuntu5.11"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.54.0~dfsg1-0ubuntu2",
"9.55.0~dfsg1-0ubuntu4",
"9.55.0~dfsg1-0ubuntu5",
"9.55.0~dfsg1-0ubuntu5.1",
"9.55.0~dfsg1-0ubuntu5.2",
"9.55.0~dfsg1-0ubuntu5.3",
"9.55.0~dfsg1-0ubuntu5.4",
"9.55.0~dfsg1-0ubuntu5.5",
"9.55.0~dfsg1-0ubuntu5.6",
"9.55.0~dfsg1-0ubuntu5.7",
"9.55.0~dfsg1-0ubuntu5.9",
"9.55.0~dfsg1-0ubuntu5.10"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2025-27830",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27831",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27832",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27833",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27834",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27835",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-27836",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:24.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ghostscript",
"binary_version": "10.02.1~dfsg1-0ubuntu7.5"
},
{
"binary_name": "libgs-common",
"binary_version": "10.02.1~dfsg1-0ubuntu7.5"
},
{
"binary_name": "libgs10",
"binary_version": "10.02.1~dfsg1-0ubuntu7.5"
},
{
"binary_name": "libgs10-common",
"binary_version": "10.02.1~dfsg1-0ubuntu7.5"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "ghostscript",
"purl": "pkg:deb/ubuntu/ghostscript@10.02.1~dfsg1-0ubuntu7.5?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.02.1~dfsg1-0ubuntu7.5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"10.01.2~dfsg1-0ubuntu2",
"10.01.2~dfsg1-0ubuntu2.1",
"10.02.1~dfsg1-0ubuntu1",
"10.02.1~dfsg1-0ubuntu2",
"10.02.1~dfsg1-0ubuntu5",
"10.02.1~dfsg1-0ubuntu6",
"10.02.1~dfsg1-0ubuntu7",
"10.02.1~dfsg1-0ubuntu7.1",
"10.02.1~dfsg1-0ubuntu7.3",
"10.02.1~dfsg1-0ubuntu7.4"
]
}
],
"aliases": [],
"details": "It was discovered that Ghostscript incorrectly serialized DollarBlend in\ncertain fonts. An attacker could use this issue to cause Ghostscript to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2025-27830)\n\nIt was discovered that Ghostscript incorrectly handled the DOCXWRITE\nTXTWRITE device. An attacker could use this issue to cause Ghostscript to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and\nUbuntu 24.10. (CVE-2025-27831)\n\nIt was discovered that Ghostscript incorrectly handled the NPDL device. An\nattacker could use this issue to cause Ghostscript to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2025-27832)\n\nIt was discovered that Ghostscript incorrectly handled certain long TTF\nfile names. An attacker could use this issue to cause Ghostscript to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10.\n(CVE-2025-27833)\n\nIt was discovered that Ghostscript incorrectly handled oversized Type 4\nfunctions in certain PDF documents. An attacker could use this issue to\ncause Ghostscript to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu\n24.04 LTS, and Ubuntu 24.10. (CVE-2025-27834)\n\nIt was discovered that Ghostscript incorrectly handled converting certain\nglyphs to Unicode. An attacker could use this issue to cause Ghostscript to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2025-27835)\n\nIt was discovered that Ghostscript incorrectly handled the BJ10V device. An\nattacker could use this issue to cause Ghostscript to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2025-27836)\n",
"id": "USN-7378-1",
"modified": "2026-04-22T07:37:17Z",
"published": "2025-03-27T12:00:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7378-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27830"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27831"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27832"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27833"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27834"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27835"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2025-27836"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "ghostscript vulnerabilities",
"upstream": [
"UBUNTU-CVE-2025-27830",
"UBUNTU-CVE-2025-27831",
"UBUNTU-CVE-2025-27832",
"UBUNTU-CVE-2025-27833",
"UBUNTU-CVE-2025-27834",
"UBUNTU-CVE-2025-27835",
"UBUNTU-CVE-2025-27836"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.