SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups-filters (SUSE-SU-2026:1948-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1948-1 advisory. This update for cups-filters fixes the following issues - error about PPD file during 'driverless' printe...

Security update for cups-filters

This update for cups-filters fixes the following issues error about PPD file during 'driverless' printer setup bsc1256868. ppd pull out from driverless printer feature broken bsc1256977. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2026:1948-1 Security update for cups-filters

This update for cups-filters fixes the following issues - error about PPD file during 'driverless' printer setup bsc1256868. - ppd pull out from driverless printer feature broken bsc1256977...

CLSA-2026-1777462768 cups: Fix of CVE-2023-4504

CVE-2023-4504: validate PPD PostScript input length to prevent heap-based buffer overflow in raster-interpret.c...

CVE-2026-41079

A flaw was found in CUPS. A network-adjacent attacker can send a specially crafted Simple Network Management Protocol SNMP response to the CUPS SNMP backend, leading to an out-of-bounds read. This vulnerability allows for the disclosure of up to 176 bytes of sensitive memory, which is then...

CLSA-2026-1777393200 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

CLSA-2025-1741635651 cups: Fix of CVE-2024-47175

CVE-2024-47175: fix improper input validation in cups for PPD files...

CLSA-2025-1741216285 Fix CVE(s): CVE-2024-47175

SECURITY UPDATE: PPD injection issues - debian/patches/CVE-2024-47175.patch: sanitize make and model, PPDize preset and template names in cups/ppd-cache.c - CVE-2024-47175...

USN-7043-3 cups-filters vulnerability

USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In...

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

cups: libppd: remote command injection via attacker controlled data in PPD file

A security vulnerability was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...

USN-7041-2 cups vulnerability

USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...

DEBIAN-CVE-2024-47076

CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. The cfGetPrinterAttributes5 function in libcupsfilter...

USN-7045-1 libppd vulnerability

Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

USN-7044-1 libcupsfilters vulnerability

Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

CVE-2024-47175

A security issue was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer information...

PT-2024-6441

Name of the Vulnerable Software and Affected Versions CUPS versions 2.x cups-filters versions up to 2.0.1 Description The issue is related to the FoomaticRIPCommandLine function in the CUPS printing system, which allows remote command execution via a PPD file. This can be exploited when combined...

PT-2024-6503

Name of the Vulnerable Software and Affected Versions CUPS affected versions not specified Description The issue is related to the libppd function ppdCreatePPDFromIPP2 not sanitizing IPP attributes when creating the PPD buffer. This can result in user-controlled input and ultimately code executio...