Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE CUPS Critical Security Advisory 2026-20231-1 CVE-2025-58060 DoS Risk

suse
Calendar Grey February 11, 2026
Dist Suse Esm H88
Critical SUSE CUPS update resolves multiple security issues including DoS risks. Install now to ensure system integrity.
An update that solves four vulnerabilities, contains two features and has one fix can now be installed.

Summary

## This update for cups fixes the following issues: Update to version 2.4.16. Security issues fixed: * CVE-2025-61915: local denial-of-service via cupsd.conf update and related issues (bsc#1253783). * CVE-2025-58436: slow client communication leads to a possible DoS attack (bsc#1244057). * CVE-2025-58364: unsafe deserialization and validation of printer attributes can cause a null dereference (bsc#1249128). * CVE-2025-58060: authentication bypass with AuthType Negotiate (bsc#1249049). Other updates and bugfixes: * Version upgrade to 2.4.16: * 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences, potentially reading past the end of the source string (Issue #1438) * The web interface did not support domain usernames fully (Issue #1441)

Topics%20covered

Topics Covered

security advisory critical SuSE DoS cups

References

* bsc#1244057

* bsc#1249049

* bsc#1249128

* bsc#1253783

* bsc#1254353

* jsc#PED-14688

* jsc#PED-14775

Cross-

* CVE-2025-58060

* CVE-2025-58364

* CVE-2025-58436

* CVE-2025-61915

CVSS scores:

* CVE-2025-58060 ( SUSE ): 7.7

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-58060 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-58060 ( NVD ): 8.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

* CVE-2025-58364 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-58364 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-58436 ( SUSE ): 8.2

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-58436 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20231-1
Release Date: 2026-02-04T11:37:13Z
Rating: critical

Topics%20covered

Topics Covered

security advisory critical SuSE DoS cups

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here