CVE-2023-32324

Name
CVE-2023-32324
Description
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7
MISC https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:* cups >= None <= 2.4.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
cups 3.17-main 2.4.2-r3 Natanael Copa <ncopa@alpinelinux.org> fixed
cups 3.16-main 2.4.2-r2 Natanael Copa <ncopa@alpinelinux.org> fixed
cups 3.15-main 2.3.3-r8 Natanael Copa <ncopa@alpinelinux.org> fixed