Nixpkgs security tracker
4.3 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Adjacent (A)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): None (N)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Adjacent (A)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
72 packages
- apcupsd
- cups-bjnp
- cups-dymo
- carps-cups
- cups-zj-58
- cups-browsed
- cups-filters
- cups-kyocera
- cups-printers
- gutenprintBin
- cups-kyodialog
- cups-pk-helper
- gutenprint-bin
- libcupsfilters
- canon-cups-ufr2
- cups-idprt-tspl
- cups-pdf-to-pdf
- cups-idprt-mt888
- cups-idprt-mt890
- cups-idprt-sp900
- cups-idprt-barcode
- brgenml1cupswrapper
- mfc465cncupswrapper
- cups-brother-dcpt310
- cups-toshiba-estudio
- dcp375cw-cupswrapper
- magicard-cups-driver
- cups-kyocera-ecosys-m2x35-40-p2x35-40dnw
- tests.home-assistant-components.apcupsd
- home-assistant-component-tests.apcupsd
- cups-brother-hll3230cdw.x86_64-linux
- home-assistant-component-tests.cups
- cups-brother-hll2340dw.x86_64-linux
- cups-brother-hl3140cw.x86_64-linux
- cups-brother-hl2260d.x86_64-linux
- cups-brother-hl1210w.x86_64-linux
- cups-brother-hl1110.x86_64-linux
- cups-kyocera-ecosys-m552x-p502x
- mfcj470dwlpr.x86_64-linux
- python313Packages.pycups
- cups-brother-dcpl3550cdw
- cups-brother-dcp1610wlpr
- perl540Packages.NetCUPS
- dcp9020cdw-cupswrapper
- mfcj6510dw-cupswrapper
- mfcl3770cdwcupswrapper
- mfcl8690cdwcupswrapper
- cups-brother-dcpl2550dw
- cups-brother-mfcl2710dw
- cups-brother-mfcl2750dw
- cups-brother-mfcl2800dw
- perl538Packages.NetCUPS
- python312Packages.pycups
- python314Packages.pycups
- prometheus-apcupsd-exporter
- gnomeExtensions.apcups-monitor
- mfc5890cncupswrapper
- mfcj880dwcupswrapper
- perlPackages.NetCUPS
- dcpj785dw-cupswrapper
- mfc9140cdncupswrapper
- mfcj470dw-cupswrapper
- mfcl2700dncupswrapper
- mfcl2720dwcupswrapper
- mfcl2740dwcupswrapper
- perl5Packages.NetCUPS
- cups-brother-dcpt720dw
- cups-brother-dcpt725dw
- cups-brother-hl3170cdw
- cups-brother-hll2350dw
- cups-brother-hll2375dw
- cups-kyocera-3500-4500
- @LeSuisse accepted
- @LeSuisse published on GitHub
OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory is converted from UTF-16 to UTF-8 and stored as printer supply description strings, which are subsequently visible to authenticated users via IPP Get-Printer-Attributes responses and the CUPS web interface. This vulnerability is fixed in 2.4.17.
References
-
https://github.com/OpenPrinting/cups/security/advisories/GHSA-6wpw-g8g6-wvrv x_refsource_CONFIRM
Ignored references (1)
Affected products
- ==< 2.4.17
Matching in nixpkgs
Ignored packages (72)
pkgs.apcupsd
Daemon for controlling APC UPSes
pkgs.cups-bjnp
CUPS back-end for Canon printers
pkgs.cups-dymo
CUPS Linux drivers and SDK for DYMO printers
pkgs.carps-cups
CUPS Linux drivers for Canon printers
-
nixos-unstable 2018-03-05
- nixpkgs-unstable 2018-03-05
- nixos-unstable-small 2018-03-05
pkgs.cups-zj-58
CUPS filter for thermal printer Zjiang ZJ-58
-
nixos-unstable 58-0-unstable-2019-04-28
- nixpkgs-unstable 58-0-unstable-2019-04-28
- nixos-unstable-small 58-0-unstable-2019-04-28
pkgs.cups-browsed
Daemon for browsing the Bonjour broadcasts of shared, remote CUPS printers
pkgs.cups-filters
Backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc
pkgs.cups-kyocera
CUPS drivers for several Kyocera FS-{1020,1025,1040,1060,1120,1125} printers
pkgs.cups-printers
Tool for interacting with a CUPS server
pkgs.gutenprintBin
Some additional CUPS drivers including Canon drivers
pkgs.cups-kyodialog
CUPS drivers for several Kyocera printers
-
nixos-unstable 9.4-20240521
- nixpkgs-unstable 9.4-20240521
- nixos-unstable-small 9.4-20240521
pkgs.cups-pk-helper
PolicyKit helper to configure cups with fine-grained privileges
pkgs.gutenprint-bin
Some additional CUPS drivers including Canon drivers
pkgs.libcupsfilters
Backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc
pkgs.canon-cups-ufr2
CUPS Linux drivers for Canon printers
pkgs.cups-idprt-tspl
CUPS drivers for TSPL-based iDPRT thermal label printers (SP210, SP310, SP320, SP320E, SP410, SP410BT, SP420, SP450, SP460BT)
pkgs.cups-pdf-to-pdf
CUPS backend that turns print jobs into searchable PDF files
-
nixos-unstable 0-unstable-2021-12-22
- nixpkgs-unstable 0-unstable-2021-12-22
- nixos-unstable-small 0-unstable-2021-12-22
pkgs.cups-idprt-mt888
CUPS driver for the iDPRT MT888
-
nixos-unstable mt888-1.2.0
- nixpkgs-unstable mt888-1.2.0
- nixos-unstable-small mt888-1.2.0
pkgs.cups-idprt-mt890
CUPS driver for the iDPRT MT890
-
nixos-unstable mt890-1.2.0
- nixpkgs-unstable mt890-1.2.0
- nixos-unstable-small mt890-1.2.0
pkgs.cups-idprt-sp900
CUPS driver for the iDPRT SP900
-
nixos-unstable sp900-1.4.0
- nixpkgs-unstable sp900-1.4.0
- nixos-unstable-small sp900-1.4.0
pkgs.brgenml1cupswrapper
Brother BrGenML1 CUPS wrapper driver
pkgs.mfc465cncupswrapper
Brother MFC-465CN CUPS wrapper driver
pkgs.cups-brother-dcpt310
Brother DCP-T310 printer driver
-
nixos-unstable dcpt310-1.0.1
- nixpkgs-unstable dcpt310-1.0.1
- nixos-unstable-small dcpt310-1.0.1
pkgs.cups-toshiba-estudio
Printer only driver for the Toshiba e-STUDIO class of printers
pkgs.dcp375cw-cupswrapper
Brother dcp375cw printer CUPS wrapper driver
pkgs.magicard-cups-driver
CUPS driver for Magicard Printers
pkgs.mfc5890cncupswrapper
Brother MFC-5890CN CUPS wrapper driver
pkgs.mfcj880dwcupswrapper
Brother MFC-J880DW CUPS wrapper driver
pkgs.perlPackages.NetCUPS
Common Unix Printing System Interface
pkgs.dcpj785dw-cupswrapper
Brother dcpj785dw printer CUPS wrapper driver
pkgs.mfc9140cdncupswrapper
Brother MFC-9140CDN CUPS wrapper driver
pkgs.mfcj470dw-cupswrapper
Brother MFC-J470DW CUPS wrapper driver
pkgs.mfcl2700dncupswrapper
Brother MFC-L2700DN CUPS wrapper driver
pkgs.mfcl2720dwcupswrapper
Brother MFC-L2720DW CUPS wrapper driver
pkgs.mfcl2740dwcupswrapper
Brother MFC-L2740DW CUPS wrapper driver
pkgs.perl5Packages.NetCUPS
Common Unix Printing System Interface
pkgs.cups-brother-dcpt720dw
Brother DCP-T720DW printer driver
-
nixos-unstable dcpt720dw-3.5.0-1
- nixpkgs-unstable dcpt720dw-3.5.0-1
- nixos-unstable-small dcpt720dw-3.5.0-1
pkgs.cups-brother-dcpt725dw
Brother DCP-T725DW printer driver
-
nixos-unstable dcpt725dw-3.5.0-1
- nixpkgs-unstable dcpt725dw-3.5.0-1
- nixos-unstable-small dcpt725dw-3.5.0-1
pkgs.cups-brother-hl3170cdw
Brother hl3170cdw printer driver
-
nixos-unstable hl3170cdw-1.1.4-0
- nixpkgs-unstable hl3170cdw-1.1.4-0
- nixos-unstable-small hl3170cdw-1.1.4-0
pkgs.cups-brother-hll2350dw
Brother HL-L2350DW printer driver
-
nixos-unstable hll2350dw-4.0.0-1
- nixpkgs-unstable hll2350dw-4.0.0-1
- nixos-unstable-small hll2350dw-4.0.0-1
pkgs.cups-brother-hll2375dw
Brother HLL2375DW printer driver
-
nixos-unstable hll2375dw-4.0.0-1
- nixpkgs-unstable hll2375dw-4.0.0-1
- nixos-unstable-small hll2375dw-4.0.0-1
pkgs.cups-kyocera-3500-4500
CUPS drivers for Kyocera ECOSYS MA3500cix, MA3500cifx, MA4000cix, MA4000cifx, PA3500cx, PA4000cx and PA4500cx, for Kyocera CS MA4500ci and PA4500ci, and for Kyocera TASKalfa MA3500ci, MA4500ci and PI4500ci printers
-
nixos-unstable 3500-4500-9.0-20221003
- nixpkgs-unstable 3500-4500-9.0-20221003
- nixos-unstable-small 3500-4500-9.0-20221003
pkgs.dcp9020cdw-cupswrapper
Brother dcp9020cdw printer CUPS wrapper driver
pkgs.mfcj6510dw-cupswrapper
Brother MFC-J6510DW CUPS wrapper driver
pkgs.mfcl3770cdwcupswrapper
Brother MFCL3770CDW CUPS wrapper driver
pkgs.mfcl8690cdwcupswrapper
Brother MFC-L8690CDW CUPS wrapper driver
pkgs.cups-brother-dcpl2550dw
Brother DCP-L2550DW printer driver
-
nixos-unstable dcpl2550dw-4.0.0-1
- nixpkgs-unstable dcpl2550dw-4.0.0-1
- nixos-unstable-small dcpl2550dw-4.0.0-1
pkgs.cups-brother-mfcl2710dw
Brother MFC-L2710DW printer driver
-
nixos-unstable mfcl2710dw-4.0.0-1
- nixpkgs-unstable mfcl2710dw-4.0.0-1
- nixos-unstable-small mfcl2710dw-4.0.0-1
pkgs.cups-brother-mfcl2750dw
Brother MFC-L2750DW printer driver
-
nixos-unstable mfcl2750dw-4.0.0-1
- nixpkgs-unstable mfcl2750dw-4.0.0-1
- nixos-unstable-small mfcl2750dw-4.0.0-1
pkgs.cups-brother-mfcl2800dw
Brother MFC-L2750DW printer driver
-
nixos-unstable mfcl2800dw-4.1.0-1
- nixpkgs-unstable mfcl2800dw-4.1.0-1
- nixos-unstable-small mfcl2800dw-4.1.0-1
pkgs.perl538Packages.NetCUPS
None
pkgs.perl540Packages.NetCUPS
None
pkgs.cups-brother-dcp1610wlpr
Brother DCP-1610W printer driver
-
nixos-unstable dcp1610wlpr-3.0.1-1
- nixpkgs-unstable dcp1610wlpr-3.0.1-1
- nixos-unstable-small dcp1610wlpr-3.0.1-1
pkgs.cups-brother-dcpl3550cdw
Brother DCP-L3550CDW printer driver
-
nixos-unstable dcpl3550cdw-1.0.2-0
- nixpkgs-unstable dcpl3550cdw-1.0.2-0
- nixos-unstable-small dcpl3550cdw-1.0.2-0
pkgs.python312Packages.pycups
None
pkgs.python313Packages.pycups
Python bindings for libcups
pkgs.python314Packages.pycups
Python bindings for libcups
pkgs.mfcj470dwlpr.x86_64-linux
Brother MFC-J470DW LPR driver
pkgs.prometheus-apcupsd-exporter
Provides a Prometheus exporter for the apcupsd Network Information Server (NIS)
pkgs.gnomeExtensions.apcups-monitor
A subtle UPS load monitor for the panel. If you have an APC UPS.
pkgs.cups-kyocera-ecosys-m552x-p502x
PPD files for Kyocera ECOSYS M5521cdn/M5521cdw/M5526cdn/M5526cdw/P5021cdn/P5021cdw/P5026cdn/P5026cdw
-
nixos-unstable m552x-p502x-8.1602
- nixpkgs-unstable m552x-p502x-8.1602
- nixos-unstable-small m552x-p502x-8.1602
pkgs.cups-brother-hl1110.x86_64-linux
Brother HL1110 printer driver
-
nixos-unstable hl1110-3.0.1-1
- nixpkgs-unstable hl1110-3.0.1-1
- nixos-unstable-small hl1110-3.0.1-1
pkgs.cups-brother-hl1210w.x86_64-linux
Brother HL1210W printer driver
-
nixos-unstable hl1210W-3.0.1-1
- nixpkgs-unstable hl1210W-3.0.1-1
- nixos-unstable-small hl1210W-3.0.1-1
pkgs.cups-brother-hl2260d.x86_64-linux
Brother HL-2260D printer driver
-
nixos-unstable hl2260d-3.2.0-1
- nixpkgs-unstable hl2260d-3.2.0-1
- nixos-unstable-small hl2260d-3.2.0-1
pkgs.cups-brother-hl3140cw.x86_64-linux
Brother hl3140cw printer driver
-
nixos-unstable hl3140cw-1.1.4-0
- nixpkgs-unstable hl3140cw-1.1.4-0
- nixos-unstable-small hl3140cw-1.1.4-0
pkgs.cups-brother-hll2340dw.x86_64-linux
Brother hl-l2340dw printer driver
-
nixos-unstable hll2340dw-3.2.0-1
- nixpkgs-unstable hll2340dw-3.2.0-1
- nixos-unstable-small hll2340dw-3.2.0-1
pkgs.home-assistant-component-tests.cups
None
pkgs.cups-brother-hll3230cdw.x86_64-linux
Brother HL-L3230CDW printer driver
-
nixos-unstable hll3230cdw-1.0.2
- nixpkgs-unstable hll3230cdw-1.0.2
- nixos-unstable-small hll3230cdw-1.0.2
pkgs.home-assistant-component-tests.apcupsd
None
pkgs.tests.home-assistant-components.apcupsd
Open source home automation that puts local control and privacy first
pkgs.cups-kyocera-ecosys-m2x35-40-p2x35-40dnw
PPD files for Kyocera ECOSYS M2040dn/M2135dn/M2540dn/M2540dw/M2635dn/M2635dw/M2640idw/M2735dw/P2040dn/M2040dw/P2235dn/P2235dw
-
nixos-unstable m2x35-40-p2x35-40dnw-8.1606
- nixpkgs-unstable m2x35-40-p2x35-40dnw-8.1606
- nixos-unstable-small m2x35-40-p2x35-40dnw-8.1606