CVE-2023-4504: OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
First published: Wed Sep 20 2023(Updated: )
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Credit: cve@takeonme.org cve@takeonme.org cve@takeonme.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/cups | <=2.2.10-6+deb10u6<=2.3.3op2-3+deb11u2 | 2.2.10-6+deb10u9 2.3.3op2-3+deb11u6 2.4.2-3+deb12u4 2.4.7-1 |
| debian/libppd | 2:0.10-7.3 2:0.10-9 | |
| ubuntu/cups | <2.3.1-9ubuntu1.6 | 2.3.1-9ubuntu1.6 |
| ubuntu/cups | <2.4.1 | 2.4.1 |
| ubuntu/cups | <2.4.2-3ubuntu2.5 | 2.4.2-3ubuntu2.5 |
| ubuntu/cups | <2.2.7-1ubuntu2.10+ | 2.2.7-1ubuntu2.10+ |
| ubuntu/cups | <2.1.3-4ubuntu0.11+ | 2.1.3-4ubuntu0.11+ |
| ubuntu/cups | <2.4.6-0ubuntu2 | 2.4.6-0ubuntu2 |
| ubuntu/libppd | <2:2.0~ | 2:2.0~ |
| ubuntu/libppd | <2:2.0~ | 2:2.0~ |
| OpenPrinting CUPS | <2.4.7 | |
| Openprinting Libppd | =2.0-rc2 | |
| Fedoraproject Fedora | =37 | |
| Fedoraproject Fedora | =38 | |
| Fedoraproject Fedora | =39 | |
| Debian Debian Linux | =10.0 | |
| <2.4.7 | ||
| =2.0-rc2 | ||
| =37 | ||
| =38 | ||
| =39 | ||
| =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/OpenPrinting/cups/releases/tag/v2.4.7
- https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
- https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6
- https://takeonme.org/cves/CVE-2023-4504.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/
- https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/
- https://launchpad.net/bugs/cve/CVE-2023-4504
- https://www.openwall.com/lists/oss-security/2023/09/20/3
- https://github.com/OpenPrinting/cups/commit/2431caddb7e6a87f04ac90b5c6366ad268b6ff31
- https://github.com/OpenPrinting/libppd/commit/fae71641faa2d778e79245b788a90c0cd5d2cb4b
- https://github.com/OpenPrinting/libppd/commit/262c909ac5b8676d1c221584c5a760e5e83fae66
- https://security-tracker.debian.org/tracker/CVE-2023-4504
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4504
- https://ubuntu.com/security/notices/USN-6391-1
- https://ubuntu.com/security/notices/USN-6392-1
- https://ubuntu.com/security/notices/USN-6391-2
- https://nvd.nist.gov/vuln/detail/CVE-2023-4504
- https://ubuntu.com/security/CVE-2023-4504
Frequently Asked Questions
What is CVE-2023-4504?
CVE-2023-4504 is a vulnerability in CUPS and libppd that allows for a heap-based buffer overflow and possible code execution.
How can an attacker exploit CVE-2023-4504?
An attacker can exploit CVE-2023-4504 by crafting a malicious PPD PostScript document and supplying it to CUPS or libppd for processing.
What is the severity of CVE-2023-4504?
CVE-2023-4504 has a severity rating of high.
Has CVE-2023-4504 been fixed?
Yes, CVE-2023-4504 has been fixed in CUPS version 2.4.7.
Where can I find more information about CVE-2023-4504?
You can find more information about CVE-2023-4504 at the following links: [CVE Details](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4504), [TakeOnMe](https://takeonme.org/cves/CVE-2023-4504.html), [Ubuntu Security Notice](https://ubuntu.com/security/notices/USN-6391-1).
- collector/oss-sec
- alias/CVE-2023-4504
- collector/launchpad-cve
- collector/security-tracker-debian
- collector/usn-cve
- collector/nvd-index
- collector/nvd-cve
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/title
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/tags
- agent/trending
- agent/source
- package-manager/debian
- package-manager/ubuntu
- vendor/openprinting
- canonical/openprinting cups
- canonical/openprinting libppd
- version/openprinting libppd/2.0-rc2
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37
- version/fedoraproject fedora/38
- version/fedoraproject fedora/39
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0