A buffer overflow vulnerability in the function |format_log_line| could allow remote attackers to cause a denial-of-service(DoS) on the affected system (not verified for possible arbitrary code execution). Exploitation of the vulnerability can be triggered when the configuration file |cupsd.conf| sets the value of |loglevel |to |DEBUG|.
Created cups tracking bugs for this issue: Affects: fedora-all [bug 2214939]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6596 https://access.redhat.com/errata/RHSA-2023:6596
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7165 https://access.redhat.com/errata/RHSA-2023:7165
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:1101 https://access.redhat.com/errata/RHSA-2024:1101
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:1409 https://access.redhat.com/errata/RHSA-2024:1409