CVE-2025-58364

NameCVE-2025-58364
DescriptionOpenPrinting CUPS is an open source printing system for Linux and othe ...
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-4298-1, DSA-5998-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
cups (PTS)bullseye2.3.3op2-3+deb11u8vulnerable
bullseye (security)2.3.3op2-3+deb11u10fixed
bookworm2.4.2-3+deb12u8vulnerable
bookworm (security)2.4.2-3+deb12u9fixed
trixie (security)2.4.10-3+deb13u1fixed
forky, trixie2.4.10-3vulnerable
sid2.4.10-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cupssourcebullseye2.3.3op2-3+deb11u10DLA-4298-1
cupssourcebookworm2.4.2-3+deb12u9DSA-5998-1
cupssourcetrixie2.4.10-3+deb13u1DSA-5998-1
cupssource(unstable)2.4.10-4

Notes

https://www.openwall.com/lists/oss-security/2025/09/11/2
Fixed by: https://github.com/OpenPrinting/cups/commit/e58cba9d6fceed4242980e51dbd1302cf638ab1d (v2.4.13)
Search for package or bug name: Reporting problems