CVE-2025-61915
BaseFortify
Publication date: 2025-11-29
Last updated on: 2025-12-04
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openprinting | cups | to 2.4.15 (exc) |
| opengroup | unix | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-124 | The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. |
| CWE-129 | The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in OpenPrinting CUPS allows a user in the lpadmin group to use the cups web UI to modify the configuration by inserting a malicious line. When the cupsd process, which runs as root, parses this new configuration, it causes an out-of-bound write, potentially leading to a denial of service or other impacts. The issue was fixed in version 2.4.15.
How can this vulnerability impact me? :
The vulnerability can cause the cupsd process to perform an out-of-bound write, which may lead to a denial of service or other unexpected behavior on the system. Since cupsd runs as root, this could affect system stability or security.
What immediate steps should I take to mitigate this vulnerability?
Upgrade OpenPrinting CUPS to version 2.4.15 or later, as this version contains the patch for the vulnerability. Additionally, restrict lpadmin group membership to trusted users only to minimize risk.