#1117046 poppler: CVE-2025-43718

Package: src:poppler
Source: src:poppler
Submitter: Salvatore Bonaccorso
Date: 2026-06-11 20:49:07 UTC
Severity: normal
#1117046#5
Date: 2025-10-02 19:30:59 UTC
Hi,

The following vulnerability was published for poppler.

CVE-2025-43718[0]:
| Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption
| and a SIGSEGV via deeply nested structures within the metadata (such
| as GTS_PDFEVersion) of a PDF document, e.g., a regular expression
| for a long pdfsubver string. This occurs in Dict::lookup,
| Catalog::getMetadata, and associated functions in PDFDoc, with deep
| recursion in the regex executor (std::__detail::_Executor).


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-43718
    https://www.cve.org/CVERecord?id=CVE-2025-43718
[1] https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672117c250420787c8c006de98e8c7408

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
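
Added illustration, not part of the bug report and not the code of the poppler patch: the CVE text attributes the crash to deep recursion in libstdc++'s regex executor on a long pdfsubver string, so the sketch below caps how much of a metadata value may reach std::regex. The names parse_subver, Subver and kMaxSubverLen, the cap of 64 bytes and the pattern itself are assumptions made for this example.

```cpp
#include <cstddef>
#include <iostream>
#include <regex>
#include <string>

// Assumed cap for this example; not a value taken from the poppler patch.
constexpr std::size_t kMaxSubverLen = 64;

struct Subver {
    std::string family; // "A", "X", "VT", "E" or "UA"
    int part;           // single-digit part number
};

// Parse a subtype version string such as "PDF/E-1" read from document
// metadata (for example the GTS_PDFEVersion entry). Only the first
// kMaxSubverLen bytes are ever handed to std::regex, so the recursion
// depth of the executor is bounded by a constant instead of by the size
// of a value the document author controls.
bool parse_subver(const std::string &raw, Subver &out)
{
    const std::string bounded = raw.substr(0, kMaxSubverLen);
    static const std::regex re("PDF/(A|X|VT|E|UA)-([0-9])");
    std::smatch m;
    if (!std::regex_search(bounded, m, re)) {
        return false; // no marker inside the bounded prefix
    }
    out.family = m[1].str();
    out.part = m[2].str()[0] - '0';
    return true;
}

int main()
{
    Subver s;
    // Constructed inputs: one well-formed value and one oversized value.
    const std::string ok = "PDF/E-1";
    const std::string oversized(1 << 20, 'a');
    std::cout << ok << " -> " << (parse_subver(ok, s) ? "parsed" : "rejected") << "\n";
    std::cout << "1 MiB value -> " << (parse_subver(oversized, s) ? "parsed" : "rejected") << "\n";
    return 0;
}
```

Truncating means a marker that starts beyond the cap is ignored; rejecting over-length values outright is the stricter alternative.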

#1117046#12
Date: 2025-10-02 20:40:19 UTC
We believe that the bug you reported is fixed in the latest version of
poppler, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1117046@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jeremy Bícha <jbicha@ubuntu.com> (supplier of updated poppler package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Thu, 02 Oct 2025 15:58:16 -0400
Source: poppler
Built-For-Profiles: noudeb
Architecture: source
Version: 25.03.0-10
Distribution: unstable
Urgency: high
Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers@lists.alioth.debian.org>
Changed-By: Jeremy Bícha <jbicha@ubuntu.com>
Closes: 1117046
Launchpad-Bugs-Fixed: 2126687
Changes:
 poppler (25.03.0-10) unstable; urgency=high
 .
   * SECURITY UPDATE: stack consumption & crash
     - debian/patches/CVE-2025-43718.patch: make sure regex doesn't
       stack overflow by limiting it in poppler/PDFDoc.cc
     - CVE-2025-4718 (Closes: #1117046) (LP: #2126687)

#1117046#27
Date: 2026-06-11 20:47:32 UTC
We believe that the bug you reported is fixed in the latest version of
poppler, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1117046@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated poppler package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sat, 06 Jun 2026 11:07:43 +0200
Source: poppler
Architecture: source
Version: 25.03.0-5+deb13u3
Distribution: trixie-security
Urgency: high
Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1117046 1117853 1138708
Changes:
 poppler (25.03.0-5+deb13u3) trixie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * SplashOutputDev: Fix integer overflow in tilingPatternFill (CVE-2026-10118)
     (Closes: #1138708)
   * Make sure regex doesn't stack overflow by limiting it (CVE-2025-43718)
     (Closes: #1117046)
   * Check for duplicate entries (CVE-2025-52885) (Closes: #1117853)

#1117046#32
Date: 2026-06-11 20:48:38 UTC
We believe that the bug you reported is fixed in the latest version of
poppler, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1117046@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated poppler package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sat, 06 Jun 2026 15:00:14 +0200
Source: poppler
Architecture: source
Version: 22.12.0-2+deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1117046 1117853 1138708
Changes:
 poppler (22.12.0-2+deb12u2) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Make sure regex doesn't stack overflow by limiting it (CVE-2025-43718)
     (Closes: #1117046)
   * Check for duplicate entries (CVE-2025-52885) (Closes: #1117853)
   * SplashOutputDev: Fix integer overflow in tilingPatternFill (CVE-2026-10118)
     (Closes: #1138708)