UBUNTU-CVE-2019-9543

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2019-9543

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-9543.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2019-9543

Upstream

CVE-2019-9543

Published

2019-03-01T19:29:00Z

Modified

2025-07-29T04:59:53Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - negligible

Summary

[none]

Details

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap() located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to (for example) the pdfseparate binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to JArithmeticDecoder::decodeBit.

References

Affected packages

Ubuntu:Pro:16.04:LTS / poppler

Package

Name: poppler
Purl: pkg:deb/ubuntu/poppler@0.41.0-0ubuntu1.16+esm6?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.33.0-0ubuntu3

0.37.0-0ubuntu1

0.38.0-0ubuntu1

0.41.0-0ubuntu1

0.41.0-0ubuntu1.1

0.41.0-0ubuntu1.2

0.41.0-0ubuntu1.3

0.41.0-0ubuntu1.4

0.41.0-0ubuntu1.5

0.41.0-0ubuntu1.6

0.41.0-0ubuntu1.7

0.41.0-0ubuntu1.8

0.41.0-0ubuntu1.9

0.41.0-0ubuntu1.10

0.41.0-0ubuntu1.11

0.41.0-0ubuntu1.12

0.41.0-0ubuntu1.13

0.41.0-0ubuntu1.14

0.41.0-0ubuntu1.15

0.41.0-0ubuntu1.16

0.41.0-0ubuntu1.16+esm1

0.41.0-0ubuntu1.16+esm2

0.41.0-0ubuntu1.16+esm3

0.41.0-0ubuntu1.16+esm4

0.41.0-0ubuntu1.16+esm5

0.41.0-0ubuntu1.16+esm6

Ubuntu:Pro:18.04:LTS / poppler

Package

Name: poppler
Purl: pkg:deb/ubuntu/poppler@0.62.0-2ubuntu2.14+esm6?arch=source&distro=esm-infra/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.57.0-2ubuntu4

0.57.0-2ubuntu5

0.62.0-1ubuntu1

0.62.0-2ubuntu1

0.62.0-2ubuntu2

0.62.0-2ubuntu2.1

0.62.0-2ubuntu2.2

0.62.0-2ubuntu2.4

0.62.0-2ubuntu2.5

0.62.0-2ubuntu2.6

0.62.0-2ubuntu2.7

0.62.0-2ubuntu2.8

0.62.0-2ubuntu2.9

0.62.0-2ubuntu2.10

0.62.0-2ubuntu2.11

0.62.0-2ubuntu2.12

0.62.0-2ubuntu2.13

0.62.0-2ubuntu2.14

0.62.0-2ubuntu2.14+esm1

0.62.0-2ubuntu2.14+esm2

0.62.0-2ubuntu2.14+esm3

0.62.0-2ubuntu2.14+esm4

0.62.0-2ubuntu2.14+esm5

0.62.0-2ubuntu2.14+esm6

Ubuntu:Pro:20.04:LTS / poppler

Package

Name: poppler
Purl: pkg:deb/ubuntu/poppler@0.86.1-0ubuntu1.7?arch=source&distro=esm-infra/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.80.0-0ubuntu1

0.80.0-0ubuntu3

0.80.0-0ubuntu4

0.80.0-0ubuntu5

0.85.0-1ubuntu1

0.85.0-1ubuntu3

0.86.1-0ubuntu1

0.86.1-0ubuntu1.1

0.86.1-0ubuntu1.2

0.86.1-0ubuntu1.3

0.86.1-0ubuntu1.4

0.86.1-0ubuntu1.5

0.86.1-0ubuntu1.6

0.86.1-0ubuntu1.7

Ubuntu:22.04:LTS / poppler

Package

Name: poppler
Purl: pkg:deb/ubuntu/poppler@22.02.0-2ubuntu0.9?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

21.*

21.06.1-1

21.11.0-1~ubuntu2

22.*

22.02.0-2

22.02.0-2ubuntu0.1

22.02.0-2ubuntu0.2

22.02.0-2ubuntu0.3

22.02.0-2ubuntu0.4

22.02.0-2ubuntu0.5

22.02.0-2ubuntu0.6

22.02.0-2ubuntu0.7

22.02.0-2ubuntu0.8

22.02.0-2ubuntu0.9

Ubuntu:24.04:LTS / poppler

Package

Name: poppler
Purl: pkg:deb/ubuntu/poppler@24.02.0-1ubuntu9.5?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

23.*

23.08.0-2ubuntu1

23.12.0-1ubuntu2

24.*

24.02.0-1ubuntu2

24.02.0-1ubuntu8

24.02.0-1ubuntu9

24.02.0-1ubuntu9.1

24.02.0-1ubuntu9.2

24.02.0-1ubuntu9.3

24.02.0-1ubuntu9.4

24.02.0-1ubuntu9.5

Ubuntu:25.04 / poppler

Package

Name: poppler
Purl: pkg:deb/ubuntu/poppler@25.03.0-3ubuntu1.1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

24.*

24.08.0-1

24.08.0-3

25.*

25.01.0-1

25.01.0-2

25.01.0-3

25.01.0-4

25.01.0-5

25.03.0-2

25.03.0-3

25.03.0-3ubuntu1

25.03.0-3ubuntu1.1