CVE-2025-58436

MEDIUM EPSS 9.4%
Published Nov 29, 20257mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Nov 29, 2025 7mo ago
Last Modified Jun 17, 2026 1w ago

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
9.4% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-400 Uncontrolled Resource Consumption Resource Mgmt

Affected Products 1

VendorProductVersionRange
openprintingcups* <2.4.15

References 4

  • openwall.com http://www.openwall.com/lists/oss-security/2025/11/27/4
    Mailing ListThird Party Advisory
  • github.com https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4
    Patch
  • github.com https://github.com/OpenPrinting/cups/releases/tag/v2.4.15
    Release Notes
  • github.com https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr
    ExploitVendor Advisory

Remediation

  • github.com https://github.com/OpenPrinting/cups/commit/40008d76a001babbb9beb9d9d74b01a86fb6ddb4
    Patch