Ghostscript <= 10.01.1 mishandles permission validation for the %pipe% IODevice (also reachable via the '|' filename prefix). pipe_fopen() in base/gdevpipe.c:66-120 validates a synthetic '%pipe%<fname>' / '|<fname>' string against gp_validate_path's allow-list, but that string is not the actual filesystem path being touched: fs_file_open_pipe() at base/gdevpipe.c:43-64 then calls popen((char*)fname, (char*)mode) with the raw user-controlled fname. As a result, any PostScript document, or any execution with -sOutputFile=%pipe%CMD, yields arbitrary OS command execution. This is routinely exploited as RCE through pipelines that shell out to gs (ImageMagick, LibreOffice thumbnailers, PDF-to-image converters).

CVE-2023-36664: Ghostscript command injection via the %pipe% prefix → popen() with unsanitized input; sandbox bypass when synthetic-path validation passes despite the invocation actually being a shell exec.
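
For a service that shells out to gs, a pre-flight check can flag an affected version and refuse output targets that select the pipe device. The following is an added example, not Ghostscript's or any wrapper's own code; the function names are hypothetical, the -o handling assumes Ghostscript's shorthand for -sOutputFile, and it covers only the command-line vector, not documents that open the device themselves.

```python
import re

LAST_AFFECTED = (10, 1, 1)  # "Ghostscript <= 10.01.1" per the description above

def parse_version(text):
    """Turn `gs --version` output such as '10.01.1' or '9.27' into an int tuple."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected_version(text):
    # Upstream numbering only: a distro backport can fix the bug without
    # changing this string, so treat True as "check the package changelog".
    return parse_version(text) <= LAST_AFFECTED

def output_targets(argv):
    """Yield each output filename given as -sOutputFile=NAME, -o NAME or -oNAME."""
    it = iter(argv)
    for arg in it:
        if arg.startswith("-sOutputFile="):
            yield arg.split("=", 1)[1]
        elif arg == "-o":
            yield next(it, "")   # filename is the following argument
        elif arg.startswith("-o"):
            yield arg[2:]        # filename attached to the switch

def is_pipe_target(name):
    # Both spellings named in the description reach the pipe device.
    return name.startswith("%pipe%") or name.startswith("|")

def rejected_args(argv):
    """Return the output targets that must not be forwarded to gs."""
    return [t for t in output_targets(argv) if is_pipe_target(t)]

if __name__ == "__main__":
    # Constructed sample invocation; PLACEHOLDER stands in for the command text.
    sample = ["gs", "-sDEVICE=png16m", "-sOutputFile=%pipe%PLACEHOLDER", "in.ps"]
    print(is_affected_version("10.01.1"), rejected_args(sample))
```

A non-empty result from rejected_args() means the invocation should be refused rather than rewritten, since the target string came from an untrusted source.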