CVE-2026-39314

CVE-2026-39314

Name

CVE-2026-39314

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in _ppdCreateFromIPP() (cups/ppd-cache.c) allows any unprivileged local user to crash the cupsd root process by supplying a negative job-password-supported IPP attribute. The bounds check only caps the upper bound, so a negative value passes validation, is cast to size_t (wrapping to ~2^64), and is used as the length argument to memset() on a 33-byte stack buffer. This causes an immediate SIGSEGV in the cupsd root process. Combined with systemd's Restart=on-failure, an attacker can repeat the crash for sustained denial of service.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
security-advisories@github.com	https://github.com/OpenPrinting/cups/security/advisories/GHSA-pp8w-2g52-7vj7

Type

URI

security-advisories@github.com

https://github.com/OpenPrinting/cups/security/advisories/GHSA-pp8w-2g52-7vj7

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:openprinting:cups::::::::`	cups	>= None	<= 2.4.16

CPE URI

Source package

Min version

Max version

cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*

cups

>= None

<= 2.4.16

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
cups	edge-main	2.4.18-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
cups	edge-main	2.4.16-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.12-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.10-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.10-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r7	None	possibly vulnerable
cups	edge-main	2.4.2-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.4.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	edge-main	2.3.3-r0	None	possibly vulnerable
cups	edge-main	2.2.12-r0	None	possibly vulnerable
cups	edge-main	2.2.10-r0	None	possibly vulnerable
cups	3.23-main	2.4.18-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
cups	3.23-main	2.4.16-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.23-main	2.4.13-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.22-main	2.4.18-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
cups	3.22-main	2.4.16-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.22-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.22-main	2.4.10-r1	None	possibly vulnerable
cups	3.22-main	2.4.9-r0	None	possibly vulnerable
cups	3.22-main	2.4.7-r0	None	possibly vulnerable
cups	3.22-main	2.4.2-r7	None	possibly vulnerable
cups	3.22-main	2.4.2-r0	None	possibly vulnerable
cups	3.22-main	2.3.3-r0	None	possibly vulnerable
cups	3.22-main	2.2.12-r0	None	possibly vulnerable
cups	3.22-main	2.2.10-r0	None	possibly vulnerable
cups	3.21-main	2.4.18-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
cups	3.21-main	2.4.16-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.21-main	2.4.11-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.21-main	2.4.10-r1	None	possibly vulnerable
cups	3.21-main	2.4.9-r0	None	possibly vulnerable
cups	3.21-main	2.4.7-r0	None	possibly vulnerable
cups	3.21-main	2.4.2-r7	None	possibly vulnerable
cups	3.21-main	2.4.2-r0	None	possibly vulnerable
cups	3.21-main	2.3.3-r0	None	possibly vulnerable
cups	3.21-main	2.2.12-r0	None	possibly vulnerable
cups	3.21-main	2.2.10-r0	None	possibly vulnerable
cups	3.20-main	2.4.18-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
cups	3.20-main	2.4.16-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.9-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.20-main	2.4.7-r0	None	possibly vulnerable
cups	3.20-main	2.4.2-r7	None	possibly vulnerable
cups	3.20-main	2.4.2-r0	None	possibly vulnerable
cups	3.20-main	2.3.3-r0	None	possibly vulnerable
cups	3.20-main	2.2.12-r0	None	possibly vulnerable
cups	3.20-main	2.2.10-r0	None	possibly vulnerable
cups	3.19-main	2.4.9-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.9-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
cups	3.19-main	2.4.2-r7	None	possibly vulnerable
cups	3.19-main	2.4.2-r0	None	possibly vulnerable
cups	3.19-main	2.3.3-r0	None	possibly vulnerable
cups	3.19-main	2.2.12-r0	None	possibly vulnerable
cups	3.19-main	2.2.10-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages