Bug 2393078 (CVE-2025-58364) - CVE-2025-58364 cups: Null Pointer Dereference in CUPS ipp_read_io() Leading to Remote DoS
Keywords:
Status: NEW
Alias: CVE-2025-58364
Deadline: 2025-09-11
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2395194 2395195
Blocks:
Reported: 2025-09-04 09:57 UTC by OSIDB Bzimport
Modified: 2025-10-03 14:05 UTC
CC List: 4 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Links
System                  ID               Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHBA-2025:15731  0        None      None    None     2025-09-15 01:22:03 UTC
Red Hat Product Errata  RHBA-2025:15792  0        None      None    None     2025-09-15 11:12:35 UTC
Red Hat Product Errata  RHBA-2025:15794  0        None      None    None     2025-09-15 11:14:45 UTC
Red Hat Product Errata  RHBA-2025:15796  0        None      None    None     2025-09-15 13:31:16 UTC
Red Hat Product Errata  RHBA-2025:15873  0        None      None    None     2025-09-15 22:42:04 UTC
Red Hat Product Errata  RHBA-2025:15957  0        None      None    None     2025-09-16 12:59:02 UTC
Red Hat Product Errata  RHBA-2025:16486  0        None      None    None     2025-09-23 16:25:39 UTC
Red Hat Product Errata  RHSA-2025:15700  0        None      None    None     2025-09-11 15:22:48 UTC
Red Hat Product Errata  RHSA-2025:15701  0        None      None    None     2025-09-11 15:19:36 UTC
Red Hat Product Errata  RHSA-2025:16590  0        None      None    None     2025-09-24 15:35:52 UTC
Red Hat Product Errata  RHSA-2025:16591  0        None      None    None     2025-09-24 15:42:48 UTC
Red Hat Product Errata  RHSA-2025:16592  0        None      None    None     2025-09-24 16:22:37 UTC

Description OSIDB Bzimport 2025-09-04 09:57:45 UTC
Null Pointer Dereference vulnerability in the ipp_read_io() function of the CUPS printing system. The flaw is caused by unsafe deserialization and improper validation of crafted printer attribute responses. When ippValidateAttributes() processes such responses, a null pointer dereference occurs, leading to an application crash. This issue can be exploited remotely within the local subnet in default configurations, and in some cases over the network if IPP services are exposed. Exploitation requires no authentication or user interaction, allowing attackers to disrupt availability of printing services on affected systems.

Comment 1 errata-xmlrpc 2025-09-11 15:19:35 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:15701 https://access.redhat.com/errata/RHSA-2025:15701

Comment 2 errata-xmlrpc 2025-09-11 15:22:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:15700 https://access.redhat.com/errata/RHSA-2025:15700

Comment 3 errata-xmlrpc 2025-09-24 15:35:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:16590 https://access.redhat.com/errata/RHSA-2025:16590

Comment 4 errata-xmlrpc 2025-09-24 15:42:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:16591 https://access.redhat.com/errata/RHSA-2025:16591

Comment 5 errata-xmlrpc 2025-09-24 16:22:35 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:16592 https://access.redhat.com/errata/RHSA-2025:16592
