oss-sec mailing list archives

CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack


From: Zdenek Dohnal <zdohnal () redhat com>
Date: Thu, 27 Nov 2025 16:10:53 +0100

Hi all,

we have CVE-2025-58436, reported by pzirnik, jsmeix, cmatos689, msmeissn - it is a moderate CVE with CVSS score CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

The published advisory: https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr

The commits fixing the issue:

- master: https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4

- 2.4.x: https://github.com/OpenPrinting/cups/commit/5d414f1f91bdca118413301b148f0b188eb1cdc6


Have a nice day!

Zdenek

--
Zdenek Dohnal
Senior Software Engineer
Red Hat, BRQ-TPBC

