Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 20.04 LTS: Important CUPS Denial of Service Advisory USN-7912-2

ubuntu
Calendar Grey December 4, 2025
Dist Ubuntu Esm H88
Ubuntu updates fix CUPS denial of service risk with crafted network traffic vulnerabilities across multiple LTS releases.
CUPS could be made to stop responding if it received specially crafted network traffic.

Summary

CUPS could be made to stop responding if it received specially crafted

network traffic.

Software Description:

- cups: Common UNIX Printing System(tm)

Details:

USN-7912-1 fixed vulnerabilities in CUPS. This update provides the

corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu

20.04 LTS.

Original advisory details:

Johannes Meixner and Paul Zirnik discovered that CUPS incorrectly handled

clients that send messages slowly. A remote attacker could possibly use

this issue to cause CUPS to stop responding, resulting in a denial of

service. (CVE-2025-58436)

In addition, this update fixes a regression introduced in USN-7897-1 which

resulted in certain invalid configuration file directives to cause the

CUPS daemon to fail to start.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  cups                            2.3.1-9ubuntu1.9+esm4
                                  Available with Ubuntu Pro
  cups-daemon                     2.3.1-9ubuntu1.9+esm4
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  cups                            2.2.7-1ubuntu2.10+esm10
                                  Available with Ubuntu Pro
  cups-daemon                     2.2.7-1ubuntu2.10+esm10
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  cups                            2.1.3-4ubuntu0.11+esm12
                                  Available with Ubuntu Pro
  cups-daemon                     2.1.3-4ubuntu0.11+esm12
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7912-2

https://ubuntu.com/security/notices/USN-7912-1

CVE-2025-58436,

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7912-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here