CVE-2025-61915

EUVD-2025-199891
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the CUPS web UI to change the configuration and insert a malicious line. The cupsd process, which runs as root, then parses the new configuration, which causes an out-of-bounds write. This issue has been patched in version 2.4.15.
Buffer Underflow

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
| --- | --- | --- | --- | --- | --- | --- |
| NIST | Primary | 6 MEDIUM | LOCAL | LOW | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H |

EPSS Score
Percentile: 15%
Affected Products (NVD)

| Vendor | Product | Version |
| --- | --- | --- |
| openprinting | cups | 𝑥 < 2.4.15 |

𝑥 = Vulnerable software versions

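Debian Releases

| Debian Product | Codename | Version | Status |
| --- | --- | --- | --- |
| cups | bookworm | | no-dsa |
| cups | bookworm (security) | | vulnerable |
| cups | bullseye | | postponed |
| cups | bullseye (security) | | vulnerable |
| cups | forky | 2.4.18-1 | fixed |
| cups | sid | 2.4.18-1 | fixed |
| cups | trixie | | no-dsa |
| cups | trixie (security) | | vulnerable |
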
Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
| --- | --- | --- | --- |
| cups | bionic | Fixed 2.2.7-1ubuntu2.10+esm9 | released |
| cups | focal | Fixed 2.3.1-9ubuntu1.9+esm3 | released |
| cups | jammy | Fixed 2.4.1op1-1ubuntu4.15 | released |
| cups | noble | Fixed 2.4.7-1.2ubuntu7.7 | released |
| cups | plucky | Fixed 2.4.12-0ubuntu1.4 | released |
| cups | questing | Fixed 2.4.12-0ubuntu3.3 | released |
| cups | xenial | Fixed 2.1.3-4ubuntu0.11+esm11 | released |

openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
| --- | --- | --- | --- |
| cups | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups | suse enterprise server 12 SP3 | 1.7.5-20.57.1 | fixed |
| cups | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| cups | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise server 12 SP3 | 1.7.5-20.57.1 | fixed |
| cups-client | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-client | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-config | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-ddk | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| cups-devel | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| cups-libs | suse enterprise server 12 SP3 | 1.7.5-20.57.1 | fixed |
| cups-libs-32bit | suse enterprise server 12 SP3 | 1.7.5-20.57.1 | fixed |
| libcups2 | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcups2 | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcups2 | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcups2 | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcups2 | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| libcups2 | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcups2 | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcups2-32bit | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupscgi1 | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsimage2 | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsmime1 | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise desktop 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise desktop 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise sap 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise sap 15 SP7 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise server 15 SP4 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise server 15 SP6 | 2.2.7-150000.3.77.1 | fixed |
| libcupsppdc1 | suse enterprise server 15 SP7 | 2.2.7-150000.3.77.1 | fixed |

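Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
| --- | --- | --- | --- |
| cups | RHEL 8 | 1:2.2.6-66.el8_10 | fixed |
| cups | RHEL 9 | 1:2.3.3op2-34.el9_7.2 | fixed |
| cups-libs | RHEL 8 | 1:2.2.6-66.el8_10 | fixed |
| cups-libs | RHEL 9 | 1:2.3.3op2-34.el9_7.2 | fixed |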