CVE-2023-32324

Updated: 2024-11-24 04:55:41.884481

Description:

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU cups 2.3.3op2 5.5 MEDIUM Released CLSA-2024:1733420952 2024-12-05 13:20:43
CentOS 6 ELS cups 1.4.2 5.5 MEDIUM Ignored 2023-06-09 05:05:01
CentOS 7 ELS cups 1.6.3 5.5 MEDIUM Ignored 2024-07-02 11:10:54
CentOS 8.4 ELS cups 2.2.6 5.5 MEDIUM Released CLSA-2024:1718903288 2024-06-20 14:35:01
CentOS 8.5 ELS cups 2.2.6 5.5 MEDIUM Released CLSA-2024:1718903513 2024-06-20 14:35:00
CloudLinux 6 ELS cups 1.4.2 5.5 MEDIUM Ignored 2023-06-09 05:05:01
Oracle Linux 6 ELS cups 1.4.2 5.5 MEDIUM Ignored 2023-06-09 05:05:01
Ubuntu 16.04 ELS cups 2.1.3-4 5.5 MEDIUM Released CLSA-2023:1689009273 2023-07-10 14:05:24
Ubuntu 18.04 ELS cups 2.2.7-1 5.5 MEDIUM Already Fixed 2023-06-14 09:05:28