github
diff --git a/‎SecurityExploits/freedesktop/poppler-CVE-2025-52886/.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎SecurityExploits/freedesktop/poppler-CVE-2025-52886/.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎SecurityExploits/freedesktop/poppler-CVE-2025-52886/Makefile‎
Lines changed: 2 additions & 0 deletions b/‎SecurityExploits/freedesktop/poppler-CVE-2025-52886/Makefile‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎SecurityExploits/freedesktop/poppler-CVE-2025-52886/README.md‎
Lines changed: 25 additions & 0 deletions b/‎SecurityExploits/freedesktop/poppler-CVE-2025-52886/README.md‎
Lines changed: 25 additions & 0 deletions
@@ -0,0 +1 @@
+pdfgen
@@ -0,0 +1,2 @@
+pdfgen: pdfgen.cpp utils.cpp utils.h
+	g++ -Wall -Wextra -g -O0 pdfgen.cpp utils.cpp -lz -o pdfgen
@@ -0,0 +1,25 @@
+# Proof of concept for poppler CVE-2025-52886
+
+CVE-2025-52886 is a use-after-free vulnerability in
+[poppler](https://gitlab.freedesktop.org/poppler), caused by a
+reference count overflow. Reference counting was done with a 32-bit
+counter, which meant it was feasible to overflow the counter. In my
+testing, it took approximately 12 hours to overflow the counter
+though, so the risk of exploitation was low.
+
+This directory contains the code for building the proof-of-concept. To
+run it:
+
+```bash
+make
+./pdfgen > poc.pdf
+```
+
+Notice that the size of the generated PDF is only 3104 bytes.  Now try
+to either open the PDF or run a command line application like
+`pdftohtml` on it.
+
+## Links:
+
+* https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581
+* https://securitylab.github.com/advisories/GHSL-2025-054_poppler/
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+pdfgen: pdfgen.cpp utils.cpp utils.h`
	`2`	`+ g++ -Wall -Wextra -g -O0 pdfgen.cpp utils.cpp -lz -o pdfgen`