CVE-2025-64503: Out-of-bounds Write in Cups-filters

Severity
NVD: 3.3 LOW
CNA: 4.0
EPSS: 0.0% (top 93.44%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Nov 12
Latest update: Nov 20

Description

cups-filters contains backends, filters, and other software required to get the CUPS printing service working on operating systems other than macOS. In cups-filters prior to 1.28.18, by crafting a PDF file with a large `MediaBox` value, an attacker can cause CUPS-Filter 1.x’s `pdftoraster` tool to write beyond the bounds of an array. First, a PDF with a large `MediaBox` width value causes `header.cupsWidth` to become large. Next, the calculation of `bytesPerLine = (header.cupsBitsPerPixel * head

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Exploitability: 1.8 | Impact: 1.4

Affected Packages (5 packages)

NVD | openprinting/libcupsfilters | 2.0.0 | 2.1.2
Debian | openprinting/libcupsfilters | < 2.0.0-3+deb13u1 | +1
Debian | linuxfoundation/cups-filters | < 1.28.7-1+deb11u4 | +3
CVEListV5 | openprinting/cups-filters | cups-filters < 1.28.18, libcupsfilters >= 2.0.0, < 2.1.2 | +1

Patches

Vulnerability Details (4)

OSV: cups-filters vulnerabilities (2025-11-20)
OSV: libcupsfilters vulnerabilities (2025-11-20)
OSV: CVE-2025-64503: cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos (2025-11-12)
CVEList: [BIGSLEEP-434615384] cups-filters 1.x: out of bounds write in pdftoraster (2025-11-12)

Vendor Advisories (4)

Ubuntu: cups-filters vulnerabilities (2025-11-20)
Ubuntu: libcupsfilters vulnerabilities (2025-11-20)
Red Hat: cups: cups-filters: cups-filters: Out-of-bounds write via crafted PDF MediaBox (2025-11-12)
Debian: CVE-2025-64503: cups-filters - cups-filters contains backends, filters, and other software required to get the ... 2025