Most of the modern top PDF viewers are vulnerable to “Loop Bug”

A security issue (the “Loop Bug”) that was found in an obscure PDF parsing library back in 2011 also exists in most of the modern top PDF viewers.

The German security researcher Hanno Böck found that PDF documents with a specific structure (PDF files cross-referencing internal xref tables) would make the Evince application start a continuous loop that would take up all of the local CPU’s resources and immediately run out of memory, crashing the Evince app.

According to the researcher:
“one could create a PDF file with cross-referencing xref tables. A naive parser would get caught in an endless loop. He showed that the evince thumbnailer process was affected by this.

This was eventually fixed in evince’s underlying rendering library poppler. But it seems this issue hasn’t reached many other PDF parser libraries. The qpdf issue I had seen was exactly the same bug. The sample file can be found here. If you follow that link you’ll immediately notice that GitHub’s JavaScript PDF viewer is also affected.”

The issue was mostly ignored because it was never considered an important security flaw and affected only a small app installed on Linux desktops.

Adobe Reader and Apple’s OS X built-in PDF viewer app are not affected.
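
The cross-referencing xref structure described above can be caught by remembering which xref offsets a parser has already visited. The following is an added example, not code from poppler, qpdf or the researcher; it assumes the sections are chained through the trailer's `/Prev` entry, and the helper names, the `MAX_SECTIONS` cap and the sample bytes are constructed for illustration.

```python
import re

# Assumption: sections are chained through the trailer's /Prev entry, which the
# PDF format uses to point at the byte offset of an earlier xref section.
PREV_RE = re.compile(rb"/Prev\s+(\d+)")
MAX_SECTIONS = 1024  # hypothetical backstop for very long but acyclic chains
HEADER = b"%PDF-1.4\n"

class XrefLoopError(ValueError):
    """The xref chain revisits an offset, is too long, or leaves the file."""

def prev_offset(data, offset):
    """Return the /Prev offset of the xref section at `offset`, or None."""
    if not data.startswith(b"xref", offset):
        raise XrefLoopError(f"no xref section at offset {offset}")
    end = data.find(b"startxref", offset)
    if end == -1:
        raise XrefLoopError(f"unterminated xref section at offset {offset}")
    match = PREV_RE.search(data, offset, end)
    return int(match.group(1)) if match else None

def walk_xref_chain(data, start):
    """Follow /Prev links from `start`; return the offsets in visit order."""
    seen = []
    offset = start
    while offset is not None:
        if offset in seen:  # a naive parser omits this check and never stops
            raise XrefLoopError(f"xref loop: offset {offset} visited twice")
        if len(seen) >= MAX_SECTIONS:
            raise XrefLoopError("xref chain too long")
        seen.append(offset)
        offset = prev_offset(data, offset)
    return seen

def section(prev):
    """Constructed skeleton of one xref section (not a complete PDF)."""
    link = b" /Prev %04d" % prev if prev is not None else b""
    return (b"xref\n0 1\n0000000000 65535 f \ntrailer\n<< /Size 1"
            + link + b" >>\nstartxref\n")

def make_sample(loop):
    """Constructed input: two sections; with loop=True they point at each other."""
    a_off = len(HEADER)
    b_off = a_off + len(section(0 if loop else None))
    return HEADER + section(b_off if loop else None) + section(a_off), b_off
```

Calling `walk_xref_chain(*make_sample(loop=True))` raises `XrefLoopError` instead of spinning, while the `loop=False` sample returns the two offsets in order.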
