CVE-2023-34241Use After Free in Cups

CWE-416Use After Free12 documents8 sources
Severity
7.1HIGHNVD
CNA5.3
EPSS
0.0%
top 89.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple CupsApple MacosOpenprinting Cups+2 more
Timeline
PublishedJun 22
Latest updateJul 24

Description

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages5 packages

NVDopenprinting/cups2.2.02.4.6
CVEListV5openprinting/cups>= 2.0.0, < 2.4.6
Alpineapple/cups< 2.3.3-r8+2
Debianapple/cups< 2.3.3op2-3+deb11u3+3
NVDapple/macos12.0.012.6.8+2

Also affects: Debian Linux 10.0, Fedora 37, 38

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

3
CVEList
CUPS vulnerable to use-after-free in cupsdAcceptClient()2023-06-22
OSV
CVE-2023-34241: OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems2023-06-22
OSV
CVE-2023-34241: OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems2023-06-22

📋Vendor Advisories

8
Apple
CVE-2023-34241: macOS Monterey 12.6.82023-07-24
Apple
CVE-2023-34241: macOS Ventura 13.52023-07-24
Apple
CVE-2023-34241: macOS Big Sur 11.7.92023-07-24
Ubuntu
CUPS vulnerability2023-07-17
Red Hat
cups: use-after-free in cupsdAcceptClient() in scheduler/client.c2023-06-22
CVE-2023-34241 — Use After Free in Openprinting Cups | cvebase