Description
Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomic_int for reference counting. Because std::atomic_int is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 11 | | =20.09.0-3.1 || =20.09.0-3.1+deb11u1 || =20.09.0-3.1+deb11u2 || =21.02.0-1 || =21.06.0-1 || =21.06.1-1 || =21.11.0-1 || =22.02.0-1 || =22.02.0-2 || =22.02.0-3 || =22.06.0-1 || =22.08.0-1 || =22.08.0-2 || =22.08.0-2.1 || =22.11.0-1 || =22.12.0-1 || =22.12.0-2 || =22.12.0-2.1 || =22.12.0-2.2 || =23.08.0-1 || =23.08.0-2 || =23.12.0-1 || =24.02.0-1 || =24.02.0-2 || =24.02.0-3 || =24.02.0-4 || =24.02.0-5 || =24.02.0-5+loong64 || =24.06.0-1 || =24.06.0-2 || =24.08.0-1 || =24.08.0-2 || =24.08.0-3 || =24.08.0-4 || =25.01.0-1 || =25.01.0-2 || =25.01.0-3 || =25.01.0-4 || =25.01.0-5 || =25.03.0-1 || =25.03.0-10 || =25.03.0-11 || =25.03.0-11.1 || =25.03.0-2 || =25.03.0-3 || =25.03.0-4 || =25.03.0-5 || =25.03.0-6 || =25.03.0-7 || =25.03.0-9 || =26.01.0-1 || =26.01.0-2 | - |
debian 12 | | =22.12.0-2 || =22.12.0-2+deb12u1 || =22.12.0-2.1 || =22.12.0-2.2 || =23.08.0-1 || =23.08.0-2 || =23.12.0-1 || =24.02.0-1 || =24.02.0-2 || =24.02.0-3 || =24.02.0-4 || =24.02.0-5 || =24.02.0-5+loong64 || =24.06.0-1 || =24.06.0-2 || =24.08.0-1 || =24.08.0-2 || =24.08.0-3 || =24.08.0-4 || =25.01.0-1 || =25.01.0-2 || =25.01.0-3 || =25.01.0-4 || =25.01.0-5 || =25.03.0-1 || =25.03.0-10 || =25.03.0-11 || =25.03.0-11.1 || =25.03.0-2 || =25.03.0-3 || =25.03.0-4 || =25.03.0-5 || =25.03.0-6 || =25.03.0-7 || =25.03.0-9 || =26.01.0-1 || =26.01.0-2 | - |
debian 13 | | | 25.03.0-5 |
debian 14 | | | 25.03.0-5 |
 rpm rhel7 | | - | - |
rpm rhel8 | | - | - |
rpm rhel8 | | - | - |
rpm rhel9 | | - | - |
rpm rhel6 | | - | - |
rpm rhel10 | | - | - |
