Updated: 2024-11-24 04:55:41.884481
Description:
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | MEDIUM | 5.5 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | cups | 2.3.3op2 | 5.5 | MEDIUM | Released | CLSA-2024:1733420952 | 2024-12-05 13:20:43 | |
CentOS 6 ELS | cups | 1.4.2 | 5.5 | MEDIUM | Ignored | 2023-06-09 05:05:01 | ||
CentOS 7 ELS | cups | 1.6.3 | 5.5 | MEDIUM | Ignored | 2024-07-02 11:10:54 | ||
CentOS 8.4 ELS | cups | 2.2.6 | 5.5 | MEDIUM | Released | CLSA-2024:1718903288 | 2024-06-20 14:35:01 | |
CentOS 8.5 ELS | cups | 2.2.6 | 5.5 | MEDIUM | Released | CLSA-2024:1718903513 | 2024-06-20 14:35:00 | |
CloudLinux 6 ELS | cups | 1.4.2 | 5.5 | MEDIUM | Ignored | 2023-06-09 05:05:01 | ||
Oracle Linux 6 ELS | cups | 1.4.2 | 5.5 | MEDIUM | Ignored | 2023-06-09 05:05:01 | ||
Ubuntu 16.04 ELS | cups | 2.1.3-4 | 5.5 | MEDIUM | Released | CLSA-2023:1689009273 | 2023-07-10 14:05:24 | |
Ubuntu 18.04 ELS | cups | 2.2.7-1 | 5.5 | MEDIUM | Already Fixed | 2023-06-14 09:05:28 |