CVE-2023-32324

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function format_log_line could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file cupsd.conf sets the value of loglevel to DEBUG. No known patches or workarounds exist at time of publication.

Published: Jun 1, 2023
Updated: Jun 9, 2023
CVE: CVE-2023-32324
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
openprinting / cups	-	2.4.2.x
debian / debian_linux	10.0	10.0.x

https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7
https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html

Vulnerability Database

289,599

CVE-2023-32324