Unrated severityNVD Advisory· Published Mar 26, 2018· Updated Aug 5, 2024
CVE-2017-18248
CVE-2017-18248
Description
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
Affected products
5- osv-coords5 versionspkg:rpm/opensuse/cups&distro=openSUSE%20Tumbleweedpkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/cups&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 2.3.3op2-4.2+ 4 more
- (no CPE)range: < 2.3.3op2-4.2
- (no CPE)range: < 1.7.5-20.14.1
- (no CPE)range: < 1.7.5-20.14.1
- (no CPE)range: < 1.7.5-20.14.1
- (no CPE)range: < 1.7.5-20.14.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- usn.ubuntu.com/3713-1/mitrevendor-advisoryx_refsource_UBUNTU
- github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3mitrex_refsource_CONFIRM
- github.com/apple/cups/issues/5143mitrex_refsource_CONFIRM
- github.com/apple/cups/releases/tag/v2.2.6mitrex_refsource_CONFIRM
- lists.debian.org/debian-lts-announce/2018/05/msg00018.htmlmitremailing-listx_refsource_MLIST
- lists.debian.org/debian-lts-announce/2018/07/msg00003.htmlmitremailing-listx_refsource_MLIST
- security.cucumberlinux.com/security/details.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.