Bug#1138708: poppler: CVE-2026-10118
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 2 17:22:42 BST 2026
Source: poppler
Version: 26.01.0-4
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://gitlab.freedesktop.org/poppler/poppler/-/work_items/1715
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for poppler.
CVE-2026-10118[0]:
| A flaw was found in Poppler's Splash backend. A remote attacker
| could exploit this vulnerability by crafting a malicious PDF file
| that, when rendered, triggers an integer overflow in the
| `tilingPatternFill` function. This overflow leads to an undersized
| heap memory allocation, allowing a subsequent out-of-bounds write.
| Successful exploitation could result in arbitrary code execution,
| information disclosure, or denial of service within the context of
| the application processing the PDF.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-10118
https://www.cve.org/CVERecord?id=CVE-2026-10118
[1] https://gitlab.freedesktop.org/poppler/poppler/-/work_items/1715
[2] https://gitlab.freedesktop.org/poppler/poppler/-/commit/8352264766652b98336e92359a70b3161a9ab97a
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
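The CVE text above describes the classic shape of this bug class: an allocation size computed from attacker-controlled dimensions wraps, the heap buffer comes out smaller than the renderer assumes, and a later write indexed by the original dimensions runs past it. The following constructed C example is added here to illustrate that pattern and a hardened size computation; it is not poppler's tilingPatternFill and not the upstream fix in the referenced commit. The 4-bytes-per-pixel layout, the MAX_TILE_BYTES cap, the function names and the sample dimensions are all assumptions, and the overflow check relies on GCC/Clang's __builtin_mul_overflow.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed example of the bug class named in CVE-2026-10118 (an
 * allocation size that wraps, undersizing a heap buffer). It is not
 * poppler's tilingPatternFill and not the upstream fix; the 4-bytes-
 * per-pixel layout, MAX_TILE_BYTES and the function names are assumed. */

#define BYTES_PER_PIXEL 4u
#define MAX_TILE_BYTES  (256u * 1024u * 1024u)   /* assumed sanity cap */

/* Unsafe: the product is evaluated in 32 bits and silently wraps. */
uint32_t unsafe_tile_bytes(uint32_t width, uint32_t height) {
    return width * height * BYTES_PER_PIXEL;
}

/* Hardened: reject non-positive dimensions, check every multiplication
 * with __builtin_mul_overflow (GCC/Clang), and enforce a hard cap. */
bool checked_tile_bytes(int width, int height, size_t *out) {
    if (width <= 0 || height <= 0 || out == NULL) return false;
    size_t pixels, bytes;
    if (__builtin_mul_overflow((size_t)width, (size_t)height, &pixels)) return false;
    if (__builtin_mul_overflow(pixels, (size_t)BYTES_PER_PIXEL, &bytes)) return false;
    if (bytes > MAX_TILE_BYTES) return false;
    *out = bytes;
    return true;
}

/* Allocate a tile only when the size computation is sound; NULL otherwise. */
uint8_t *alloc_tile(int width, int height, size_t *bytes_out) {
    size_t bytes;
    if (!checked_tile_bytes(width, height, &bytes)) return NULL;
    uint8_t *buf = calloc(bytes, 1);
    if (buf && bytes_out) *bytes_out = bytes;
    return buf;
}

int main(void) {
    /* Constructed attacker-controlled dimensions: 65536 x 16385 pixels. */
    uint32_t w = 65536, h = 16385;
    uint32_t wrapped = unsafe_tile_bytes(w, h);
    printf("unsafe size for %ux%u: %u bytes (one row is %u bytes)\n",
           w, h, wrapped, w * BYTES_PER_PIXEL);
    /* The wrapped value equals exactly one row, so filling row 1 would
     * already write out of bounds: the heap OOB write the advisory describes. */

    size_t bytes = 0;
    uint8_t *tile = alloc_tile((int)w, (int)h, &bytes);
    printf("checked allocation: %s\n", tile ? "accepted" : "rejected");
    free(tile);

    tile = alloc_tile(64, 64, &bytes);
    printf("64x64 tile: %zu bytes\n", tile ? bytes : (size_t)0);
    free(tile);
    return 0;
}
```

The point of the hardened path is that the size check and the allocation are the same decision: a renderer that later loops over width and height must never be handed a buffer whose size was derived from a wrapped product, so the dimensions are validated once, in a wide type, before any memory is requested.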
More information about the Pkg-freedesktop-maintainers mailing list