OpenPrinting CUPS Remote DoS Vulnerability in Linux Systems
CVE-2025-58364

6.5MEDIUM

Key Information:

Vendor: Openprinting
Status: Cups
Vendor: CVE Published:; 11 September 2025

🔔 Create Openprinting Vulnerability Alert

What is CVE-2025-58364?

The OpenPrinting CUPS is an open-source printing system that can be exploited due to unsafe deserialization and validation of printer attributes in versions 2.4.12 and earlier. This vulnerability can lead to null dereference in the libcups library, causing the cups and cups-browsed services to crash on all machines in a local network that are configured to listen for printers. If the system’s firewall does not block incoming communications to the IPP port and is exposed to the public internet, an attacker can exploit this vulnerability remotely. Affected users are encouraged to upgrade to version 2.4.13 where the vulnerabilities have been addressed.

Affected Version(s)

cups < 2.4.13

References

https://github.com/OpenPrinting/cups/security/advisories/...

x_refsource_CONFIRM

https://github.com/OpenPrinting/cups/commit/e58cba9d6fcee...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2025
Vulnerability Reserved
Aug 29, 2025