PT-2026-30924 · Openprinting · Cups

Tomer-Pl · Published 2026-04-07 · Updated 2026-06-02 · CVE-2026-39314

CVSS v3.1: 6.2 Medium
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
OpenPrinting CUPS versions 2.4.16 and prior

Description
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. An integer underflow in the ppdCreateFromIPP() function (cups/ppd-cache.c) allows a local user to crash the cupsd root process by providing a negative job-password-supported IPP attribute. The validation limits only the upper bound, so a negative value passes; it is then cast to size_t, wraps to a large positive value, and is used as the length argument to memset() on a 33-byte stack buffer. The result is a SIGSEGV in the cupsd root process, potentially leading to a denial of service when combined with systemd's Restart=on-failure setting.

Recommendations
Update to a version of OpenPrinting CUPS later than 2.4.16.
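
The bounds-check pattern from the description, as an added C example that is not CUPS source code. The function names, the clamp-then-cast structure and the '1' fill character are assumptions; only the 33-byte buffer and the missing lower-bound check come from the advisory. Rejecting negative values is one possible hardening, not necessarily the upstream fix.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PATTERN_SIZE 33 /* stack buffer size stated in the advisory */

/* Upper-bound-only check (hypothetical reconstruction of the flaw).
 * Returns the length that would reach memset(); nothing is written. */
static size_t len_upper_bound_only(int maxlen)
{
  if (maxlen > PATTERN_SIZE - 1) /* a negative value is never caught here */
    maxlen = PATTERN_SIZE - 1;
  return (size_t)maxlen;         /* -1 converts to SIZE_MAX */
}

/* Both bounds checked before the cast: 0 on success, -1 to reject. */
static int len_checked(int maxlen, size_t *out)
{
  if (maxlen < 0) return -1;
  if (maxlen > PATTERN_SIZE - 1) maxlen = PATTERN_SIZE - 1;
  *out = (size_t)maxlen;
  return 0;
}

/* Fill buf with a placeholder pattern using only a validated length. */
static int build_pattern(int maxlen, char buf[PATTERN_SIZE])
{
  size_t n;
  if (len_checked(maxlen, &n) != 0) return -1;
  memset(buf, '1', n);
  buf[n] = '\0';
  return 0;
}

/* Length of the pattern built for maxlen, or -1 if the value is rejected. */
static int pattern_len(int maxlen)
{
  char buf[PATTERN_SIZE];
  return build_pattern(maxlen, buf) == 0 ? (int)strlen(buf) : -1;
}

int main(void)
{
  int samples[] = { 8, 100, -1 }; /* constructed attribute values */
  for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
    printf("%4d -> unchecked len %zu, checked %d\n", samples[i],
           len_upper_bound_only(samples[i]), pattern_len(samples[i]));
  return 0;
}
```
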

Fix

Integer Underflow

Weakness Enumeration

Related Identifiers

CVE-2026-39314
ECHO-B289-5966-D14F
OESA-2026-1930
OESA-2026-1931
OESA-2026-1932
OESA-2026-1933
OESA-2026-2020
OESA-2026-2021
OPENSUSE-SU-2026:10589-1
RHSA-2026:8814

Affected Products

Cups