- 23 Jul 2024
Pharos Response to Ghostscript Vulnerability
Background
Recently, a new vulnerability was discovered in the Ghostscript library/tool that, in certain circumstances, can allow memory corruption and then an escape from its SAFER sandbox.
CVE | Description | NVD CVSSv3 Score |
---|---|---|
CVE-2024-29510 | Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a Uniprint device | Not available |
Further information is available on Ghostscript's website. Versions impacted are "at least 10.01.2 and higher, but likely older versions as well" (from Ghostscript's page).
Pharos Software and Ghostscript
Pharos has, in the past, used the vulnerable version of Ghostscript as a component of PCL drivers in the Mac desktop components for Pharos Cloud. This was phased out when Pharos switched to providing its own IPP driver, which is now our recommended solution.
Some customers preferred the original PCL driver, and Pharos has provided a TAR file with this driver on request. This PCL driver contains the vulnerable Ghostscript library.
Pharos has reviewed all other products, libraries and the Pharos Cloud infrastructure; Ghostscript is not in use anywhere else.
The Risk
Because Mac users generally don't share their printers, the weakness above usually only permits a user to attempt a privilege escalation on their own computer. This is a risk if the computer is shared, or if the user does not have elevated privileges on their own computer.
Addressing The Issue
Mac Print Scouts older than v2.22.105.100 (March 2023) may have been vulnerable (depending on which installer package was used), and customers should upgrade them. A new version, v2.27.10.100, was released on 21 July 2024 and is the current version. It can be downloaded from the Pharos Cloud web portal.
Note that removing or upgrading the old version of the Mac Print Scout will not necessarily remove Ghostscript. To remove Ghostscript, customers should follow the script below.
Concerned customers can also switch from the PCL driver to the Pharos IPP driver which does not use Ghostscript (although you should still remove Ghostscript).
Removing Ghostscript
Open a terminal and execute the following commands one by one, skipping the comment lines that start with "#":
# Find the installed package and its version
pkgutil --pkgs | grep ghost
# This command should return Ghostscript's package name and version if it is installed
# For example it might return "org.tug.mactex.ghostscript9.19"
# Do not continue if Ghostscript (ghost) is not installed
# Find where Ghostscript is installed (note: change the package id/version to match what was returned above)
pkgutil --pkg-info org.tug.mactex.ghostscript9.19
# Change to the location folder returned above, normally /usr/local
cd /usr/local
# List all files first, to inspect what will be removed. Ensure they belong only to Ghostscript
pkgutil --only-files --files org.tug.mactex.ghostscript9.19 | tr '\n' '\0' | xargs -n 1 -0 sudo ls
# Run again, this time deleting the files
pkgutil --only-files --files org.tug.mactex.ghostscript9.19 | tr '\n' '\0' | xargs -n 1 -0 sudo rm -f
# Forget the installed package receipt
sudo pkgutil --forget org.tug.mactex.ghostscript9.19
# Test to see that it has been removed (note the two hyphens in --version)
gs --version
# The result should be "No such file or directory" (a new shell may instead report "command not found")
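As an added example (not Pharos' own script), the POSIX shell functions below turn the manual steps above into a repeatable audit: gs_is_vulnerable compares an installed Ghostscript version against the 10.03.1 fix, gs_status reports the state of the gs binary on PATH, and remove_gs_package wraps the pkgutil listing and removal with a dry-run mode. The function names, the --dry-run flag and the version strings used in the checks are assumptions of this example.

```shell
#!/bin/sh
# Added example, not Pharos' own script: audit a Mac for the vulnerable
# Ghostscript and wrap the pkgutil removal steps above with a dry-run mode.
# FIXED_VERSION is from the advisory; function names and the --dry-run flag
# are this example's own.

FIXED_VERSION="10.03.1"   # CVE-2024-29510 is fixed in Ghostscript 10.03.1

# Field N of a dotted version, leading zeros stripped (03 -> 3, missing -> 0).
vfield() {
    f=$(printf '%s' "$1" | cut -d. -f"$2" | sed 's/^0*//')
    printf '%s' "${f:-0}"
}

# Returns 0 (true) if version $1 is older than FIXED_VERSION, i.e. vulnerable.
gs_is_vulnerable() {
    i=1
    while [ "$i" -le 3 ]; do
        x=$(vfield "$1" "$i"); y=$(vfield "$FIXED_VERSION" "$i")
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
        i=$((i + 1))
    done
    return 1   # exactly the fixed version
}

# Prints "vulnerable", "fixed" or "absent" for the gs binary on PATH.
gs_status() {
    v=$(gs --version 2>/dev/null) || { echo absent; return 0; }
    if gs_is_vulnerable "$v"; then echo vulnerable; else echo fixed; fi
}

# Lists (--dry-run) or deletes the files of one Ghostscript package id, then
# forgets the receipt. Refuses ids that do not look like Ghostscript.
remove_gs_package() {
    pkg="$1"; mode="${2:-}"
    case "$pkg" in *ghost*) ;; *) echo "refusing: $pkg" >&2; return 1 ;; esac
    vol=$(pkgutil --pkg-info "$pkg" | awk '/^volume:/ {print $2}')
    loc=$(pkgutil --pkg-info "$pkg" | awk '/^location:/ {print $2}')
    cd "${vol%/}/${loc#/}" || return 1     # normally /usr/local
    if [ "$mode" = "--dry-run" ]; then
        pkgutil --only-files --files "$pkg" | tr '\n' '\0' | xargs -0 -n 1 sudo ls
    else
        pkgutil --only-files --files "$pkg" | tr '\n' '\0' | xargs -0 -n 1 sudo rm -f
        sudo pkgutil --forget "$pkg"
    fi
}

# Usage: sh gs_audit.sh status | sh gs_audit.sh remove <package-id> [--dry-run]
case "${1:-}" in
    status) gs_status ;;
    remove) remove_gs_package "$2" "${3:-}" ;;
esac
```

Run the dry-run first and read the listing, exactly as the manual "ls" step above asks, before running the real removal.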