Description
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
Exploits (1)
References (11)
Core 11
Core References
Mailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html
Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/[email protected]/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/
Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/[email protected]/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/
Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/[email protected]/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/
Mailing List, Release Notes
https://lists.fedoraproject.org/archives/list/[email protected]/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/
Mailing List
http://seclists.org/fulldisclosure/2024/Sep/33
Exploit technical-description
third-party-advisory
https://takeonme.org/cves/CVE-2023-4504.html
Exploit, Vendor Advisory vendor-advisory
https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6
Exploit, Vendor Advisory vendor-advisory
https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
Release Notes release-notes
https://github.com/OpenPrinting/cups/releases/tag/v2.4.7
Scores
CVSS v3
7.0
EPSS
0.0003
EPSS Percentile
10.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-122
CWE-787
Status
published
Products (6)
debian/debian_linux
10.0
fedoraproject/fedora
37
fedoraproject/fedora
38
fedoraproject/fedora
39
openprinting/cups
< 2.4.7
openprinting/libppd
2.0 rc2
Published
Sep 21, 2023
Tracked Since
Feb 18, 2026