CVE-2023-32324
Summary
| CVE | CVE-2023-32324 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-06-01 17:15:00 UTC |
|---|
| Updated | 2023-06-08 14:32:00 UTC |
|---|
| Description | OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] [DLA 3440-1] cups security update |
MISC |
lists.debian.org |
|
| Heap buffer overflow in cupsd · Advisory · OpenPrinting/cups · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 161125 Oracle Enterprise Linux Security Update for cups (ELSA-2023-6596)
- 161184 Oracle Enterprise Linux Security Update for cups (ELSA-2023-7165)
- 181819 Debian Security Update for cups (DLA 3440-1)
- 199387 Ubuntu Security Notification for CUPS Vulnerability (USN-6128-1)
- 199559 Ubuntu Security Notification for CUPS Vulnerability (USN-6128-2)
- 242320 Red Hat Update for cups (RHSA-2023:6596)
- 242442 Red Hat Update for cups (RHSA-2023:7165)
- 243034 Red Hat Update for cups (RHSA-2024:1101)
- 243084 Red Hat Update for cups (RHSA-2024:1409)
- 355459 Amazon Linux Security Advisory for cups : ALAS2023-2023-215
- 355763 Amazon Linux Security Advisory for cups : ALAS-2023-1796
- 355766 Amazon Linux Security Advisory for cups : ALAS2-2023-2184
- 379618 Alibaba Cloud Linux Security Update for cups (ALINUX3-SA-2024:0049)
- 503027 Alpine Linux Security Update for cups
- 503028 Alpine Linux Security Update for cups
- 503029 Alpine Linux Security Update for cups
- 503102 Alpine Linux Security Update for cups
- 505859 Alpine Linux Security Update for cups
- 673262 EulerOS Security Update for cups (EulerOS-SA-2023-2577)
- 673291 EulerOS Security Update for cups (EulerOS-SA-2023-2607)
- 673362 EulerOS Security Update for cups (EulerOS-SA-2023-2806)
- 673660 EulerOS Security Update for cups (EulerOS-SA-2023-2782)
- 673700 EulerOS Security Update for cups (EulerOS-SA-2023-3119)
- 673936 EulerOS Security Update for cups (EulerOS-SA-2023-2829)
- 673994 EulerOS Security Update for cups (EulerOS-SA-2023-2834)
- 710864 Gentoo Linux CUPS Multiple Vulnerabilities (GLSA 202402-17)
- 754065 SUSE Enterprise Linux Security Update for cups (SUSE-SU-2023:2347-1)
- 754066 SUSE Enterprise Linux Security Update for cups (SUSE-SU-2023:2346-1)
- 941358 AlmaLinux Security Update for cups (ALSA-2023:6596)
- 941447 AlmaLinux Security Update for cups (ALSA-2023:7165)
