CVSS3: 7.1 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.0004 Low
EPSS Percentile: 5.1%
CUPS is vulnerable to a use-after-free. The vulnerability occurs when the httpClose(con->http) function is called within scheduler/client.c. CUPS logs data from freed memory to the logging service after the connection has been closed, when it should have logged the data right before closing it, which leads to the use-after-free.
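The ordering problem described above, modelled in C as an added example (not CUPS source code): `http_t`, `client_t`, `http_open`, `http_close`, `log_refused` and the sample peer address are hypothetical stand-ins. The close helper clears the owner's pointer, so the close-then-log path fails detectably instead of reading freed memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for illustration, not CUPS types. */
typedef struct { char hostname[64]; } http_t;
typedef struct { http_t *http; } client_t;
static char last_log[128];  /* most recent log line, kept for inspection */

static http_t *http_open(const char *peer) {
    http_t *h = calloc(1, sizeof *h);
    if (h) snprintf(h->hostname, sizeof h->hostname, "%s", peer);
    return h;
}

/* Free the connection and clear the owner's pointer (no dangling pointer). */
static void http_close(http_t **hp) {
    free(*hp);
    *hp = NULL;
}

/* Returns 0 if the peer was logged, -1 if the connection is already closed. */
static int log_refused(const client_t *con) {
    if (con->http == NULL) {
        snprintf(last_log, sizeof last_log, "refused: <connection closed>");
        return -1;
    }
    snprintf(last_log, sizeof last_log, "refused: %s", con->http->hostname);
    return 0;
}

/* Ordering from the description: close first, then log (peer data is gone). */
static int reject_close_then_log(client_t *con) {
    http_close(&con->http);
    return log_refused(con);
}

/* Corrected ordering: log while the connection is alive, then close. */
static int reject_log_then_close(client_t *con) {
    int rc = log_refused(con);
    http_close(&con->http);
    return rc;
}

int main(void) {
    client_t a = { http_open("198.51.100.7") };  /* constructed sample peer */
    client_t b = { http_open("198.51.100.7") };
    printf("%d %s\n", reject_close_then_log(&a), last_log);
    printf("%d %s\n", reject_log_then_close(&b), last_log);
    return 0;
}
```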
www.openwall.com/lists/oss-security/2023/06/23/10
www.openwall.com/lists/oss-security/2023/06/26/1
github.com/OpenPrinting/cups/commit/9809947a959e18409dcf562a3466ef246cb90cb2
github.com/OpenPrinting/cups/releases/tag/v2.4.6
github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25
lists.debian.org/debian-lts-announce/2023/06/msg00038.html
lists.fedoraproject.org/archives/list/[email protected]/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/
lists.fedoraproject.org/archives/list/[email protected]/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/
secdb.alpinelinux.org/v3.15/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
support.apple.com/kb/HT213843
support.apple.com/kb/HT213844
support.apple.com/kb/HT213845