CVE-2026-39316
EUVD-2026-1980607.04.2026, 17:16
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler (cupsd) when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters() in scheduler/printers.c calls cupsdDeletePrinter() without first expiring subscriptions that reference the printer, leaving cupsd_subscription_t.dest as a dangling pointer to freed heap memory. The dangling pointer is subsequently dereferenced at multiple code sites, causing a crash (denial of service) of the cupsd daemon. With heap grooming, this can be leveraged for code execution.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| openprinting | cups | 𝑥 ≤ 2.4.16 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| cups |
| ||||||||||
| cups-client |
| ||||||||||
| cups-config |
| ||||||||||
| cups-ddk |
| ||||||||||
| cups-devel |
| ||||||||||
| cups-libs |
| ||||||||||
| cups-libs-32bit |
| ||||||||||
| libcups2 |
| ||||||||||
| libcups2-32bit |
| ||||||||||
| libcupscgi1 |
| ||||||||||
| libcupsimage2 |
| ||||||||||
| libcupsmime1 |
| ||||||||||
| libcupsppdc1 |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| cups |
| ||
| cups-client |
| ||
| cups-client-debuginfo |
| ||
| cups-debuginfo |
| ||
| cups-debugsource |
| ||
| cups-devel |
| ||
| cups-filesystem |
| ||
| cups-ipptool |
| ||
| cups-ipptool-debuginfo |
| ||
| cups-libs |
| ||
| cups-libs-debuginfo |
| ||
| cups-lpd |
| ||
| cups-lpd-debuginfo |
| ||
| cups-printerapp |
| ||
| cups-printerapp-debuginfo |
|
Common Weakness Enumeration