Description
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
CVSS breakdown
CVSS 3.1
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: None
- Integrity: None
- Availability: High
Affected products
- Apple / cups 1.3.7 – 1.3.7
- Apple / cups 1.3.10 – 1.3.10
- Apple / mac_os_x 10.5.8
- Apple / mac_os_x_server 10.5.8
- Canonical / Ubuntu Linux 8.04 – 8.04
- Canonical / Ubuntu Linux 6.06 – 6.06
- Canonical / Ubuntu Linux 8.10 – 8.10
- Canonical / Ubuntu Linux 9.04 – 9.04
- Canonical / Ubuntu Linux 9.10 – 9.10
- Debian / debian_linux 5.0 – 5.0
- fedoraproject / fedora 10 – 10
- RedHat / enterprise_linux 5.0 – 5.0
References
- VENDOR_ADVISORY: http://secunia.com/advisories/37364
- MISC: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183
- VENDOR_ADVISORY: http://www.ubuntu.com/usn/USN-906-1
- MISC: http://www.redhat.com/support/errata/RHSA-2009-1595.html
- MISC: http://www.securityfocus.com/bid/37048
- VENDOR_ADVISORY: http://support.apple.com/kb/HT4004
- VENDOR_ADVISORY: http://www.debian.org/security/2011/dsa-2176
- MISC: http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs
- MAILING_LIST: http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
- MISC: http://security.gentoo.org/glsa/glsa-201207-10.xml
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2011/0535
- VENDOR_ADVISORY: http://secunia.com/advisories/37360
- VENDOR_ADVISORY: http://www.mandriva.com/security/advisories?name=MDVSA-2010:073
- MISC: http://www.cups.org/str.php?L3200
- MISC: https://bugzilla.redhat.com/show_bug.cgi?id=530111
- MISC: http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs
- MISC: https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html
- VENDOR_ADVISORY: http://secunia.com/advisories/43521
- VENDOR_ADVISORY: http://secunia.com/advisories/38241
- MISC: http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs
- MISC: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2010/0173