CVE-2025-64524

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions cups-filters versions 2.0.1 and prior

Description cups-filters, which provides backends, filters, and other software for the cups printing service, contains a heap-buffer-overflow vulnerability in the rastertopclx filter. Processing maliciously crafted input data can cause the program to crash with a segmentation fault. This issue may allow for memory corruption, potentially leading to arbitrary code execution. The vulnerability requires additional permissions to install a printer with a PPD file calling the rastertopclx filter, which runs under the lp user.

Recommendations cups-filters versions prior to the version containing commit 956283c are affected.

Exploit

Fix

RCE

Memory Corruption

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-122

Related Identifiers

BDU:2026-03142

CVE-2025-64524

DLA-4380-1

GHSA-RQ44-2Q5P-X3HV

MGASA-2025-0312

OESA-2025-2751

OESA-2026-1119

OESA-2026-1120

OESA-2026-1121

OESA-2026-1122

OESA-2026-1123

SUSE-SU-2025:4158-1

SUSE-SU-2025:4198-1

USN-7878-1

USN-7878-2

Affected Products

Debian

Linuxmint

Suse

Ubuntu

Cups-Filters

CVE-2025-64524

Weakness Enumeration

Related Identifiers

Affected Products

References · 57