Use-After-Free

2023-07-1112:56:52

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

cups

use-after-free

vulnerability

httpclose

scheduler/client.c

free memory.

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

cups is vulnerable to Use-After-Free. The vulnerability occurs when the httpClose(con->http) function is called within scheduler/client.c. CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before leading to use-after-free.

CPENameOperatorVersion
cups:3.16eq2.4.1-r1
cups:3.16eq2.4.2-r1
cups:3.16eq2.4.2-r0
cups:3.17eq2.4.2-r2
cups:3.17eq2.4.2-r1
cups:3.17eq2.4.2-r0
cups:3.15eq2.3.3-r7
cups:3.15eq2.3.3-r4
cups:3.15eq2.3.3-r6
cups:3.15eq2.3.3-r5

Name	Operator	Version
cups:3.16	eq	2.4.1-r1
cups:3.16	eq	2.4.2-r1
cups:3.16	eq	2.4.2-r0
cups:3.17	eq	2.4.2-r2
cups:3.17	eq	2.4.2-r1
cups:3.17	eq	2.4.2-r0
cups:3.15	eq	2.3.3-r7
cups:3.15	eq	2.3.3-r4
cups:3.15	eq	2.3.3-r6
cups:3.15	eq	2.3.3-r5