A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.
Weakness
The product divides a value by zero.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mupdf | Artifex | 1.23.4 (including) | 1.23.4 (including) |
| Mupdf | Ubuntu | bionic | * |
| Mupdf | Ubuntu | esm-apps/bionic | * |
| Mupdf | Ubuntu | esm-apps/focal | * |
| Mupdf | Ubuntu | esm-apps/jammy | * |
| Mupdf | Ubuntu | esm-apps/noble | * |
| Mupdf | Ubuntu | focal | * |
| Mupdf | Ubuntu | jammy | * |
| Mupdf | Ubuntu | lunar | * |
| Mupdf | Ubuntu | mantic | * |
| Mupdf | Ubuntu | noble | * |
| Mupdf | Ubuntu | oracular | * |
| Mupdf | Ubuntu | trusty | * |
| Mupdf | Ubuntu | xenial | * |
References
- http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26
- https://bugs.ghostscript.com/show_bug.cgi?id=707622
- https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md
- http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26
- https://bugs.ghostscript.com/show_bug.cgi?id=707622
- https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md