DEBIAN-CVE-2025-64524
- Source
- https://security-tracker.debian.org/tracker/CVE-2025-64524
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-64524.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-64524
- Upstream
- Published
- 2025-11-20T18:15:51.250Z
- Modified
- 2025-11-21T20:15:36.505199Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault when processing maliciously crafted input data. This issue can be exploited to trigger memory corruption, potentially leading to arbitrary code execution. This issue has been patched via commit 956283c.
- References
Affected packages
Debian:11 / cups-filters
Package
- Name
- cups-filters
- Purl
- pkg:deb/debian/cups-filters?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.28.7-1
1.28.7-1+deb11u1
1.28.7-1+deb11u2
1.28.7-1+deb11u3
1.28.8-1
1.28.8-2
1.28.8-3
1.28.9-1
1.28.10-1
1.28.10-2
1.28.11-1
1.28.11-2
1.28.12-1
1.28.13-1
1.28.14-1
1.28.15-1
1.28.16-1
1.28.17-1
1.28.17-2
1.28.17-3
1.28.17-3.1~exp1
1.28.17-3.1
1.28.17-4
1.28.17-4.1
1.28.17-5
1.28.17-6
1.28.17-7
Debian:12 / cups-filters
Package
- Name
- cups-filters
- Purl
- pkg:deb/debian/cups-filters?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / cups-filters
Package
- Name
- cups-filters
- Purl
- pkg:deb/debian/cups-filters?arch=source
Debian:14 / cups-filters
Package
- Name
- cups-filters
- Purl
- pkg:deb/debian/cups-filters?arch=source