The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a “pointer use-after-delete flaw.”
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | cups | < 1.1.99.b1.r4748-1 | cups_1.1.99.b1.r4748-1_all.deb |
Debian | 11 | all | cups | < 1.1.99.b1.r4748-1 | cups_1.1.99.b1.r4748-1_all.deb |
Debian | 10 | all | cups | < 1.1.99.b1.r4748-1 | cups_1.1.99.b1.r4748-1_all.deb |
Debian | 999 | all | cups | < 1.1.99.b1.r4748-1 | cups_1.1.99.b1.r4748-1_all.deb |
Debian | 13 | all | cups | < 1.1.99.b1.r4748-1 | cups_1.1.99.b1.r4748-1_all.deb |