CVE-2025-32364 is an integer overflow vulnerability categorized under CWE-190 found in the Poppler PDF rendering library, specifically in the PSStack::roll function. Poppler versions prior to 25.04.0 are affected. The vulnerability arises when the function processes malformed inputs involving the minimum integer value (INT_MIN), causing an arithmetic overflow or wraparound. This leads to a floating-point exception that crashes the application using Poppler to render or manipulate PDF files. The flaw impacts the availability of the application by causing denial of service (DoS) conditions but does not compromise confidentiality or integrity. Exploitation requires local access (AV:L) but no privileges (PR:N) or user interaction (UI:N). The vulnerability is not known to be exploited in the wild yet. Poppler is widely used in many Linux distributions and open-source projects for PDF rendering, making this vulnerability relevant for desktop environments, document processing servers, and any software relying on Poppler. The CVSS 3.1 base score is 4.0, indicating medium severity, with the vector AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. No patches were linked at the time of publication, but upgrading to Poppler 25.04.0 or later is expected to resolve the issue. The root cause is an integer overflow leading to a floating-point exception, a common issue in low-level C++ libraries handling complex data structures like stacks.

For European organizations, this vulnerability primarily threatens the availability of systems that utilize Poppler for PDF rendering or processing. Potential impacts include application crashes and denial of service when handling specially crafted PDF files containing malformed inputs triggering the integer overflow. This could disrupt business operations relying on automated document processing, PDF viewing, or printing services. While the vulnerability does not expose sensitive data or allow code execution, repeated crashes could degrade user experience and interrupt workflows. Organizations running Linux-based desktop environments, document management systems, or web services that parse PDFs with Poppler are at risk. The impact is more pronounced in sectors with heavy document handling such as government, finance, legal, and publishing. Since exploitation requires local access, the threat is mitigated somewhat by network perimeter defenses but remains relevant for insider threats or compromised endpoints. The absence of known exploits reduces immediate risk but does not eliminate the need for proactive mitigation.

1. Upgrade Poppler to version 25.04.0 or later as soon as the patch becomes available to address the integer overflow vulnerability. 2. Until patching is possible, implement sandboxing or containerization for applications that process untrusted PDF files to isolate potential crashes and limit impact on critical systems. 3. Employ input validation and filtering mechanisms to detect and block malformed or suspicious PDF files before processing. 4. Monitor application logs and system stability for signs of crashes related to PDF handling to detect potential exploitation attempts. 5. Restrict local access to systems running vulnerable Poppler versions to trusted users only, minimizing the risk of local exploitation. 6. For environments with automated PDF processing, consider fallback mechanisms or redundancy to maintain availability during potential crashes. 7. Educate users and administrators about the risk of opening untrusted PDFs and enforce security policies accordingly.