oss-sec mailing list archives
CVE-2025-61915 cups: Local denial-of-service via cupsd.conf update and related issues
From: Zdenek Dohnal <zdohnal () redhat com>
Date: Thu, 27 Nov 2025 16:11:23 +0100
Hi all,we have CVE-2025-61915 reported by SilverPlate3 in CUPS project - it is moderate vulnerability with CVSS 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H .
The advisory covers two reported issues related to cupsd daemon, and one issue discovered by Mike Sweet - detailed description in advisory: https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc
The commits fixing the issue:- master: https://github.com/OpenPrinting/cups/commit/524749b0449b49d8967d4f777854259bf22b278a
- 2.4.x: https://github.com/OpenPrinting/cups/commit/db8d560262c22a21ee1e55dfd62fa98d9359bcb0
Have a nice day, Zdenek -- Zdenek Dohnal Senior Software Engineer Red Hat, BRQ-TPBC
Current thread:
- CVE-2025-61915 cups: Local denial-of-service via cupsd.conf update and related issues Zdenek Dohnal (Nov 27)
