Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 25.10: CUPS Low Denial of Service Advisory USN-7912-1

ubuntu
Calendar Grey December 4, 2025
Dist Ubuntu Esm H88
CUPS on Ubuntu found to have a DoS risk due to crafted network traffic. Review the latest security advisory.
CUPS could be made to stop responding if it received specially crafted network traffic.

Summary

CUPS could be made to stop responding if it received specially crafted

network traffic.

Software Description:

- cups: Common UNIX Printing System(tm)

Details:

Johannes Meixner and Paul Zirnik discovered that CUPS incorrectly handled

clients that send messages slowly. A remote attacker could possibly use

this issue to cause CUPS to stop responding, resulting in a denial of

service. (CVE-2025-58436)

In addition, this update fixes a regression introduced in USN-7897-1 which

resulted in certain invalid configuration file directives to cause the CUPS

daemon to fail to start.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  cups                            2.4.12-0ubuntu3.5
  cups-daemon                     2.4.12-0ubuntu3.5

Ubuntu 25.04
  cups                            2.4.12-0ubuntu1.6
  cups-daemon                     2.4.12-0ubuntu1.6

Ubuntu 24.04 LTS
  cups                            2.4.7-1.2ubuntu7.9
  cups-daemon                     2.4.7-1.2ubuntu7.9

Ubuntu 22.04 LTS
  cups                            2.4.1op1-1ubuntu4.16
  cups-daemon                     2.4.1op1-1ubuntu4.16

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7912-1

CVE-2025-58436,

Severity
low
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7912-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here