A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent out-of-bounds write. Successful exploitation could result in arbitrary code execution, information disclosure, or denial of service within the context of the application processing the PDF.
21.06.1-121.11.0-1~ubuntu222.02.0-222.02.0-2ubuntu0.122.02.0-2ubuntu0.1022.02.0-2ubuntu0.1122.02.0-2ubuntu0.1222.02.0-2ubuntu0.222.02.0-2ubuntu0.322.02.0-2ubuntu0.4+5 more23.08.0-2ubuntu123.12.0-1ubuntu224.02.0-1ubuntu224.02.0-1ubuntu824.02.0-1ubuntu924.02.0-1ubuntu9.124.02.0-1ubuntu9.224.02.0-1ubuntu9.324.02.0-1ubuntu9.424.02.0-1ubuntu9.5+3 more25.03.0-1025.03.0-10ubuntu0.125.03.0-325.03.0-425.03.0-4build125.03.0-4ubuntu125.03.0-525.03.0-625.03.0-725.03.0-1025.03.0-11.126.01.0-2build20.33.0-0ubuntu30.37.0-0ubuntu10.38.0-0ubuntu10.41.0-0ubuntu10.41.0-0ubuntu1.10.41.0-0ubuntu1.100.41.0-0ubuntu1.110.41.0-0ubuntu1.120.41.0-0ubuntu1.130.41.0-0ubuntu1.14+18 more0.57.0-2ubuntu40.57.0-2ubuntu50.62.0-1ubuntu10.62.0-2ubuntu10.62.0-2ubuntu20.62.0-2ubuntu2.10.62.0-2ubuntu2.100.62.0-2ubuntu2.110.62.0-2ubuntu2.120.62.0-2ubuntu2.13+16 more0.80.0-0ubuntu10.80.0-0ubuntu30.80.0-0ubuntu40.80.0-0ubuntu50.85.0-1ubuntu10.85.0-1ubuntu30.86.1-0ubuntu10.86.1-0ubuntu1.10.86.1-0ubuntu1.20.86.1-0ubuntu1.3+7 moreExploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H