Out of Bounds Read/Write Vulnerability in CUPS-Filters and libcupsfilters
CVE-2025-57812

3.7LOW

Key Information:

Vendor

Openprinting

Status
Libcupsfilters
Vendor
CVE Published:
12 November 2025

What is CVE-2025-57812?

CUPS-Filters and libcupsfilters contain an out of bounds read/write vulnerability during the processing of TIFF image files via the 'imagetoraster' filter. An attacker can exploit this by issuing a print job with a crafted TIFF file and manipulating the print job options to control the bytes-per-pixel value. This can lead to improper memory access and potential system compromise, especially if the vulnerable functions are invoked under specific printer configurations. A patch is available to address this vulnerability.

Affected Version(s)

libcupsfilters cups-filters <= 1.28.17 <= cups-filters 1.28.17

libcupsfilters libcupsfilters >= 2.0.0, < 2.1.1 < libcupsfilters 2.0.0, 2.1.1

References

https://github.com/OpenPrinting/libcupsfilters/security/a...
x_refsource_CONFIRM
https://github.com/OpenPrinting/libcupsfilters/commit/b69...
x_refsource_MISC
https://github.com/OpenPrinting/cups-filters/blob/3c58463...
x_refsource_MISC

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-57812 : Out of Bounds Read/Write Vulnerability in CUPS-Filters and libcupsfilters