Advisories » MGASA-2023-0198

Updated cups packages fix security vulnerability

Publication date: 15 Jun 2023
Modification date: 15 Jun 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-32324

Description

A heap buffer overflow vulnerability would allow a remote attacker to
launch a denial of service (DoS) attack. A buffer overflow vulnerability
in the function 'format_log_line' could allow remote attackers to cause a
DoS on the affected system. Exploitation of the vulnerability can be
triggered when the configuration file 'cupsd.conf' sets the value of
loglevel to 'DEBUG'. (CVE-2023-32324)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31987
• https://www.openwall.com/lists/oss-security/2023/06/01/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32324

SRPMS

8/core

• cups-2.3.3op2-1.2.mga8