CVE-2025-61915

CVE-2025-61915

Name

CVE-2025-61915

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config and cause an out-of-bound write. This issue has been patched in version 2.4.15.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0
MISC	https://github.com/OpenPrinting/cups/releases/tag/v2.4.15
CONFIRM	https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/11/27/5

Type

URI

MISC

https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0

MISC

https://github.com/OpenPrinting/cups/releases/tag/v2.4.15

CONFIRM

https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/11/27/5

CPE URI	Source package	Min version	Max version
	cups	>= 0	< 2.4.15

CPE URI

Source package

Min version

Max version

cups

>= 0

< 2.4.15

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
cups	edge-main	2.4.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.12-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.10-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.10-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r7	None	possibly vulnerable
cups	edge-main	2.4.2-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.3.3-r0	None	possibly vulnerable
cups	edge-main	2.2.12-r0	None	possibly vulnerable
cups	edge-main	2.2.10-r0	None	possibly vulnerable
cups	3.22-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.22-main	2.4.10-r1	None	possibly vulnerable
cups	3.22-main	2.4.9-r0	None	possibly vulnerable
cups	3.22-main	2.4.7-r0	None	possibly vulnerable
cups	3.22-main	2.4.2-r7	None	possibly vulnerable
cups	3.22-main	2.4.2-r0	None	possibly vulnerable
cups	3.22-main	2.3.3-r0	None	possibly vulnerable
cups	3.22-main	2.2.12-r0	None	possibly vulnerable
cups	3.22-main	2.2.10-r0	None	possibly vulnerable
cups	3.21-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.21-main	2.4.10-r1	None	possibly vulnerable
cups	3.21-main	2.4.9-r0	None	possibly vulnerable
cups	3.21-main	2.4.7-r0	None	possibly vulnerable
cups	3.21-main	2.4.2-r7	None	possibly vulnerable
cups	3.21-main	2.4.2-r0	None	possibly vulnerable
cups	3.21-main	2.3.3-r0	None	possibly vulnerable
cups	3.21-main	2.2.12-r0	None	possibly vulnerable
cups	3.21-main	2.2.10-r0	None	possibly vulnerable
cups	3.20-main	2.4.9-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.7-r0	None	possibly vulnerable
cups	3.20-main	2.4.2-r7	None	possibly vulnerable
cups	3.20-main	2.4.2-r0	None	possibly vulnerable
cups	3.20-main	2.3.3-r0	None	possibly vulnerable
cups	3.20-main	2.2.12-r0	None	possibly vulnerable
cups	3.20-main	2.2.10-r0	None	possibly vulnerable
cups	3.19-main	2.4.9-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.2-r7	None	possibly vulnerable
cups	3.19-main	2.4.2-r0	None	possibly vulnerable
cups	3.19-main	2.3.3-r0	None	possibly vulnerable
cups	3.19-main	2.2.12-r0	None	possibly vulnerable
cups	3.19-main	2.2.10-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages