PT-2025-46687 · Unknown+4 · Libcupsfilters+5

Published: 2025-11-12 · Updated: 2026-01-20 · CVE-2025-57812

CVSS v3.1: 3.7 (Low)

Vector: AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

CUPS-Filters versions up to and including 1.28.17
libcupsfilters versions 2.0.0 through 2.1.1

Description

CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions. The imagetoraster filter has an out-of-bounds read/write issue in the processing of TIFF image files. This occurs because the pixel buffer is allocated with a pre-calculated bytes-per-pixel value, but the processing function is called with a size based on three times the number of pixels. This allows processing of bytes outside the buffer bounds when the bytes-per-pixel value is set to 1. An attacker can trigger this by issuing a print job with a crafted TIFF file and controlling the bytes-per-pixel value of the output format. The vulnerable function in CUPS-Filters 2.x is cfImageReadTIFF() within cfFilterImageToRaster(), and in CUPS-Filters 1.x, it is cupsImageReadTIFF() called through cupsImageOpen() from the imagetoraster tool.

Recommendations

CUPS-Filters versions up to and including 1.28.17 should be updated. libcupsfilters versions 2.0.0 through 2.1.1 should be updated.
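
The sizing mismatch from the description, shown as an added C example that is not code from cups-filters or libcupsfilters: a simplified model that computes how far a pass over three bytes per pixel runs past a buffer sized by bytes-per-pixel, and one way to guard the allocation. All function names and the stand-in processing step are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of the sizing mismatch; all names are hypothetical. */

/* Bytes past the end of a pixels*bpp buffer that a pass over pixels*3
 * bytes would touch. Returns 0 when the pass fits, SIZE_MAX on overflow. */
size_t row_overrun(size_t pixels, size_t bpp)
{
    if (bpp == 0 || pixels > SIZE_MAX / 3 || pixels > SIZE_MAX / bpp)
        return SIZE_MAX;
    size_t allocated = pixels * bpp;   /* what the buffer holds */
    size_t processed = pixels * 3;     /* what the pass touches */
    return processed > allocated ? processed - allocated : 0;
}

/* Stand-in for the per-row processing step: touches exactly len bytes. */
static void process_bytes(uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        buf[i] = (uint8_t)(255 - buf[i]);
}

/* Guarded row handling: size the buffer for whichever is larger, the
 * output format (pixels*bpp) or the processing pass (pixels*3), so the
 * pass can never leave the allocation. Returns NULL on bad input. */
uint8_t *alloc_and_process_row(size_t pixels, size_t bpp, size_t *cap)
{
    size_t over = row_overrun(pixels, bpp);
    if (pixels == 0 || over == SIZE_MAX)
        return NULL;
    *cap = pixels * bpp + over;        /* == max(pixels*bpp, pixels*3) */
    uint8_t *row = calloc(*cap, 1);
    if (row == NULL)
        return NULL;
    process_bytes(row, pixels * 3);    /* always <= *cap */
    return row;
}

int main(void)
{
    /* Constructed sample: a 100-pixel row at 1, 3 and 4 bytes per pixel. */
    const size_t bpps[] = {1, 3, 4};
    for (size_t i = 0; i < 3; i++)
        printf("bpp=%zu overrun=%zu bytes\n", bpps[i], row_overrun(100, bpps[i]));
    return 0;
}
```

Only the 1-byte-per-pixel case reports a non-zero overrun, matching the condition the description gives for the out-of-bounds access.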

Exploit

Fix

RCE

DoS

Out of bounds Read

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2025-15977
CVE-2025-57812
DLA-4380-1
GHSA-JPXG-QC2C-HGV4
MGASA-2025-0304
RHSA-2026:8814
SUSE-SU-2025:4158-1
SUSE-SU-2025:4198-1
SUSE-SU-2025_4158-1
SUSE-SU-2025_4198-1
USN-7877-1
USN-7878-1

Affected Products

Cups-Filters
Debian
Linuxmint
Suse
Ubuntu
Libcupsfilters