CVE-2023-32324
Description
Moderate: cups security and bug fix update
Mitigations
Mitigation details
Description
cups: heap buffer overflow may lead to DoS
CVSS v3: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | cups-1:2.2.6-54.el8_9 | RHSA-2023:7165 | 2023-11-14T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | cups-1:2.2.6-45.el8_6.4 | RHSA-2024:1101 | 2024-03-05T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Extended Update Support | cups-1:2.2.6-51.el8_8.3 | RHSA-2024:1409 | 2024-03-19T00:00:00Z |
| Red Hat Enterprise Linux 9 | cups-1:2.3.3op2-21.el9 | RHSA-2023:6596 | 2023-11-07T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | cups | Out of support scope |
| Red Hat Enterprise Linux 7 | cups | Will not fix |
Apply commands
```bash
yum update -y cups
# or:
dnf upgrade -y cups
```
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| debian | bookworm | fixed | 2.4.2-3+deb12u1 |
| debian | bullseye | fixed | 2.3.3op2-3+deb11u3 |
| debian | forky | fixed | 2.4.2-4 |
| debian | sid | fixed | 2.4.2-4 |
| debian | trixie | fixed | 2.4.2-4 |
| sles | | affected | |
| almalinux | 9 | fixed | cups-devel-2.3.3op2-21.el9.aarch64.rpm |
References
- https://access.redhat.com/errata/RHSA-2023:6596
- https://security-tracker.debian.org/tracker/CVE-2023-32324
- https://www.suse.com/security/cve/CVE-2023-32324.html
- https://access.redhat.com/errata/RHSA-2023:7165
- https://bugzilla.redhat.com/2209603
- https://bugzilla.redhat.com/2214914
- https://errata.almalinux.org/8/ALSA-2023-7165.html
- https://errata.almalinux.org/9/ALSA-2023-6596.html