CVE-2025-58436

CVE-2025-58436

Name

CVE-2025-58436

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4
MISC	https://github.com/OpenPrinting/cups/releases/tag/v2.4.15
CONFIRM	https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/11/27/4

Type

URI

MISC

https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4

MISC

https://github.com/OpenPrinting/cups/releases/tag/v2.4.15

CONFIRM

https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/11/27/4

CPE URI	Source package	Min version	Max version
	cups	>= 0	< 2.4.15

CPE URI

Source package

Min version

Max version

cups

>= 0

< 2.4.15

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
cups	edge-main	2.4.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.12-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.10-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.10-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r7	None	possibly vulnerable
cups	edge-main	2.4.2-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.3.3-r0	None	possibly vulnerable
cups	edge-main	2.2.12-r0	None	possibly vulnerable
cups	edge-main	2.2.10-r0	None	possibly vulnerable
cups	3.22-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.22-main	2.4.10-r1	None	possibly vulnerable
cups	3.22-main	2.4.9-r0	None	possibly vulnerable
cups	3.22-main	2.4.7-r0	None	possibly vulnerable
cups	3.22-main	2.4.2-r7	None	possibly vulnerable
cups	3.22-main	2.4.2-r0	None	possibly vulnerable
cups	3.22-main	2.3.3-r0	None	possibly vulnerable
cups	3.22-main	2.2.12-r0	None	possibly vulnerable
cups	3.22-main	2.2.10-r0	None	possibly vulnerable
cups	3.21-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.21-main	2.4.10-r1	None	possibly vulnerable
cups	3.21-main	2.4.9-r0	None	possibly vulnerable
cups	3.21-main	2.4.7-r0	None	possibly vulnerable
cups	3.21-main	2.4.2-r7	None	possibly vulnerable
cups	3.21-main	2.4.2-r0	None	possibly vulnerable
cups	3.21-main	2.3.3-r0	None	possibly vulnerable
cups	3.21-main	2.2.12-r0	None	possibly vulnerable
cups	3.21-main	2.2.10-r0	None	possibly vulnerable
cups	3.20-main	2.4.9-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.7-r0	None	possibly vulnerable
cups	3.20-main	2.4.2-r7	None	possibly vulnerable
cups	3.20-main	2.4.2-r0	None	possibly vulnerable
cups	3.20-main	2.3.3-r0	None	possibly vulnerable
cups	3.20-main	2.2.12-r0	None	possibly vulnerable
cups	3.20-main	2.2.10-r0	None	possibly vulnerable
cups	3.19-main	2.4.9-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.2-r7	None	possibly vulnerable
cups	3.19-main	2.4.2-r0	None	possibly vulnerable
cups	3.19-main	2.3.3-r0	None	possibly vulnerable
cups	3.19-main	2.2.12-r0	None	possibly vulnerable
cups	3.19-main	2.2.10-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages