vulnerability
Ubuntu: (Multiple Advisories) (CVE-2025-58436): CUPS vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:N/I:N/A:C) | Nov 29, 2025 | Dec 5, 2025 | Dec 8, 2025 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published
Nov 29, 2025
Added
Dec 5, 2025
Modified
Dec 8, 2025
Description
Johannes Meixner and Paul Zirnik discovered that CUPS incorrectly handled
clients that send messages slowly. A remote attacker could possibly use
this issue to cause CUPS to stop responding, resulting in a denial of
service. (CVE-2025-58436)
In addition, this update fixes a regression introduced in USN-7897-1 which
resulted in certain invalid configuration file directives to cause the CUPS
daemon to fail to start.
Solutions
ubuntu-pro-upgrade-cupsubuntu-pro-upgrade-cups-daemon
References
- CVE-2025-58436
- https://attackerkb.com/topics/CVE-2025-58436
- CWE-400
- UBUNTU-USN-7912-1
- UBUNTU-USN-7912-2
- URL-https://github.com/OpenPrinting/cups/security/advisories/GHSA-8wpw-vfgm-qrrr
- URL-https://ubuntu.com/security/notices/USN-7912-1
- URL-https://ubuntu.com/security/notices/USN-7912-2
- URL-https://www.cve.org/CVERecord?id=CVE-2025-58436
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.