CVE-2023-32324

MEDIUM5.5EPSS 0.15%

cups - security update

Published: 6/1/2023Modified: 4/28/2026

Description

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.

Affected packages (3)

Alpine/cupsfrom 0, < 2.3.3-r7
Debian/cupsfrom 0, < 2.3.3op2-3+deb11u3
Debian/cupsfrom 0, < 2.2.10-6+deb10u7

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.5	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2023-32324
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-32324