CVE-2025-64524: Heap-based Buffer Overflow in cups-filters

Severity
5.5 MEDIUM (NVD)
CNA 3.3 | OSV 3.7
EPSS
0.0%
top 90.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Nov 20
Latest update: Nov 24

Description

cups-filters contains backends, filters, and other software required to get the CUPS printing service working on operating systems other than macOS. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault when processing maliciously crafted input data. This issue can be exploited to trigger memory corruption, potentially leading to arbitrary code execution. This issue has been patched via commit 956283c.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

CVEListV5: openprinting/cups-filters 2.0.1
Debian: linuxfoundation/cups-filters < 1.28.7-1+deb11u4+3
Ubuntu: linuxfoundation/cups-filters < 2.0.1-0ubuntu3.25.04.1

Patches

🔴 Vulnerability Details (3)

OSV: cups-filters vulnerabilities (2025-11-24)
CVEList: CUPS rastertopclx Filter Vulnerable to Heap Buffer Overflow Leading to Potential Arbitrary Code Execution (2025-11-20)
OSV: CVE-2025-64524: cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos (2025-11-20)

📋 Vendor Advisories (4)

Ubuntu: cups-filters vulnerabilities (2025-11-24)
Ubuntu: cups-filters vulnerabilities (2025-11-20)
Red Hat: cups-filters: cups-filters: Heap buffer overflow in rastertopclx filter may lead arbitrary code execution (2025-11-20)
Debian: CVE-2025-64524: cups-filters - cups-filters contains backends, filters, and other software required to get the ... (2025)