Arch Linux Security Advisory ASA-201812-4 ========================================= Severity: High Date : 2018-12-08 CVE-ID : CVE-2018-17407 Package : texlive-bin Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-770 Summary ======= The package texlive-bin before version 2018.48691-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 2018.48691-1. # pacman -Syu "texlive-bin>=2018.48691-1" The problem has been fixed upstream in version 2018.48691. Workaround ========== None. Description =========== An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex. Impact ====== A local attacker can execute arbitrary code via a crafted font. References ========== https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f8... https://github.com/TeX-Live/texlive-source/commit/f1211fe16c19af8fee54146ae1... https://security.archlinux.org/CVE-2018-17407