Bug 2496772 (CVE-2026-14544)

Summary: CVE-2026-14544 HPLIP: Incomplete Fix for CVE-2026-8631
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: rhel-process-autobot, watson-tool-maintainers, zdohnal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data.
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2496773    
Bug Blocks:    

Description OSIDB Bzimport 2026-07-03 07:08:24 UTC
Incomplete Fix for CVE-2026-8631.

During development of the fix for CVE-2026-8631 an issue was introduced in hpcups, which made the fix for CVE-2026-8631 incomplete. The original fix was protecting result of multiplication of several variables, which are influenced by crafted input file, from integer overflow. The core of the new flaw is that it protects multiplication of one different pair of variables, leaving the one variable which can be influenced by input file unchecked, which can result in arbitrary cod