Unresponsive Behavior in OpenPrinting CUPS Before Version 2.4.15
CVE-2025-58436

5.1MEDIUM

Key Information:

Vendor

Openprinting

Status
Cups
Vendor
CVE Published:
29 November 2025

What is CVE-2025-58436?

OpenPrinting CUPS, an open source printing system, is susceptible to a denial of service vulnerability that occurs when a client sends messages at a very slow rate (e.g., one byte per second). This behavior causes a significant delay in the cupsd service, rendering it unusable for other clients attempting to connect. The issue has been effectively mitigated in version 2.4.15, which addresses this performance bottleneck.

Affected Version(s)

cups < 2.4.15

References

https://github.com/OpenPrinting/cups/security/advisories/...
x_refsource_CONFIRM
https://github.com/OpenPrinting/cups/commit/40008d76a001b...
x_refsource_MISC
https://github.com/OpenPrinting/cups/releases/tag/v2.4.15
x_refsource_MISC

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-58436 : Unresponsive Behavior in OpenPrinting CUPS Before Version 2.4.15