Double Free in Mupdf

CVE-2021-3407

A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.

Vulnerability class: Double Free

EPSS: 0.505 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a Mupdf — versions mupdf 1.18.0

Weakness classification (CWE)

CWE-415 — Double Free

References

git.ghostscript.com/ (x_refsource_MISC)
FEDORA-2021-d8e6f014e5 (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-572bb0f886 (vendor-advisory, x_refsource_FEDORA)
[debian-lts-announce] 20210311 [SECURITY] [DLA 2589-1] mupdf security update (mailing-list, x_refsource_MLIST)
FEDORA-2021-baeaa7bccb (vendor-advisory, x_refsource_FEDORA)
GLSA-202105-30 (vendor-advisory, x_refsource_GENTOO)
bugs.ghostscript.com/show_bug.cgi