CVE-2025-61915: OpenPrinting CUPS vulnerable to stack-based out-of-bounds write

Published Nov 20, 2025

A user in the group defined by the SystemGroup directive in /etc/cups/cups-files.conf can use the CUPS web UI to change the configuration and insert a malicious line. The cupsd process, which runs as root, then parses the new configuration, and this causes an out-of-bounds write.

Affected Software

7 affected components. Fixes available.
OpenPrinting CUPS < 2.4.15
Microsoft cbl2 cups 2.3.3op2-10
All of the following
OpenPrinting CUPS < 2.4.15
Opengroup Unix
Microsoft azl3 cups 2.4.13-1
Microsoft cbl2 cups 2.3.3op2-10
Microsoft cbl2 cups 2.3.3op2-11

Event History

Nov 20, 2025
Data Sourced via Red Hat, 03:27 AM: Description, Severity, Affected Software

Nov 29, 2025
CVE Published via MITRE, 02:15 AM
Data Sourced via MITRE, 02:15 AM: Description, Severity, Weakness
Data Sourced via NVD, 03:15 AM: Remedy, Description, Severity, Weakness, Affected Software

Nov 30, 2025
Data Sourced via Microsoft, 01:01 AM: Description, Severity, Weakness, Affected Software
Updated via Microsoft, 01:01 AM: Affected Software
Updated via Microsoft, 01:01 AM: Description, Severity
Updated via Microsoft, 09:01 AM: Description, Severity

Frequently Asked Questions

1. What is the severity of CVE-2025-61915?

CVE-2025-61915 has a high severity rating as it allows a user in the lpadmin group to potentially execute arbitrary code as root.

2. How do I fix CVE-2025-61915?

To fix CVE-2025-61915, upgrade to OpenPrinting CUPS version 2.4.15 or later.

3. Who is affected by CVE-2025-61915?

CVE-2025-61915 affects users of OpenPrinting CUPS prior to version 2.4.15, specifically those in the lpadmin group.

4. What actions can a malicious user take with CVE-2025-61915?

A malicious user can modify the CUPS configuration via the web UI to execute arbitrary commands as the root user.

5. Is there a workaround for CVE-2025-61915 before upgrading?

Disabling access to the CUPS web interface or restricting lpadmin group membership can serve as a temporary workaround for CVE-2025-61915.
