Control: tags -1 + moreinfo On Sat, 09 Aug 2025 at 11:47:40 +0200, Salvatore Bonaccorso wrote:
CVE-2025-50422[0]: | An issue was discovered in freedesktop poppler v25.04.0. The heap | memory containing PDF stream objects is not cleared upon program | exit, allowing attackers to obtain sensitive PDF content via a | memory dump.
This seems like a bad description of the problem. The reporter seems to have originally claimed that the existence of possibly-sensitive data in a core dump is a security vulnerability, which ... no. Core dumps contain whatever was in RAM, that's just how they work, and if that's considered to be a security vulnerability in a particular scenario then that scenario should disable core dumps.
It seems like the better description might be something like: a crafted input file fed to poppler's pdftoppm can cause an assertion failure, leading to denial of service (?) and possibly a worse impact (?).
The original reporter claims on their Github page [1] that "The vendor (freedesktop, maintainer of Poppler) has acknowledged the issue and fixed the bug. The fix has been committed in their official repository." but I see no evidence of that, only two unreviewed and unmerged merge-requests in one of poppler's dependencies [3] [4].
I think we should be cautious about applying unreviewed changes for unclear reasons. If someone (perhaps the CNA that created this CVE ID) has a better description of what security problem is being addressed, then they should publish it.
I also can't help noticing that https://www.cve.org/CVERecord?id=CVE-2025-50422 links to "freedesktop.com" and "poppler.com" neither of which appears to be freedesktop.org or poppler, which seems like it indicates a lack of research and critical thinking.
[0] https://security-tracker.debian.org/tracker/CVE-2025-50422 https://www.cve.org/CVERecord?id=CVE-2025-50422 [1] https://github.com/Landw-hub/CVE-2025-50422 [2] https://gitlab.freedesktop.org/poppler/poppler/-/issues/1591 [3] https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/621
[4] https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/623
