CVE-2025-57812

一、漏洞信息
 漏洞编号：[CVE-2025-57812](https://nvd.nist.gov/vuln/detail/CVE-2025-57812)
 漏洞归属组件：[cups-filters](https://gitee.com/src-openeuler/cups-filters)
 漏洞归属的版本：1.26.1,1.28.15,1.28.9
 CVSS V3.0分值：
  BaseScore：3.7 Low
  Vector：CVSS：3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
 漏洞简述：
  CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package. In CUPS-Filters versions up to and including 1.28.17 and libcupsfilters versions 2.0.0 through 2.1.1, the imagetoraster filter has an out of bounds read/write vulnerability in the processing of TIFF image files. While the pixel buffer is allocated with the number of pixels times a pre-calculated bytes-per-pixel value, the function which processes these pixels is called with a size of the number of pixels times 3. When suitable inputs are passed, the bytes-per-pixel value can be set to 1 and bytes outside of the buffer bounds get processed. An attacker must issue a print job with a crafted TIFF file and control the bytes-per-pixel value of the output format. The vulnerability exists in both CUPS-Filters 1.x and libcupsfilters 2.x. A patch is available in commit b69dfacec7f176281782e2f7ac44f04bf9633cfa.
 漏洞公开时间：2025-11-13 03:15:36
 漏洞创建时间：2025-11-13 09:51:20
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2025-57812
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
|  | https://github.com/OpenPrinting/cups-filters/blob/3c58463e341b12c9d30d7d3807d2bac1bc595a78/cupsfilters/image-tiff.c#L34 |  |
|  | https://nvd.nist.gov/vuln/detail/CVE-2025-57812 |  |
|  | http://www.openwall.com/lists/oss-security/2025/11/12/1 |  |
|  | https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-jpxg-qc2c-hgv4 |  |
|  | https://advisories.mageia.org/MGASA-2025-0304.html |  |
|  | https://www.mend.io/vulnerability-database/CVE-2025-57812 |  |
|  | https://github.com/OpenPrinting/libcupsfilters/blob/33421982e10f6a14bc0bab03b80c9cf4660e8d7d/cupsfilters/image-tiff.c#L32 |  |
|  | https://github.com/OpenPrinting/cups-filters/blob/3c58463e341b12c9d30d7d3807d2bac1bc595a78/filter/imagetoraster.c#L613 |  |
|  | https://bugs.mageia.org/show_bug.cgi?id=34746 |  |
|  | https://security-tracker.debian.org/tracker/CVE-2025-57812 |  |
|  | https://github.com/OpenPrinting/libcupsfilters/commit/b69dfacec7f176281782e2f7ac44f04bf9633cfa |  |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  其他
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

| 影响的包 | 修复版本 | 修复补丁 | 问题引入补丁 | 来源  |
| ------- | -------- | ------- | -------- | --------- |
| OpenPrinting/cups-filters |  | https://github.com/OpenPrinting/libcupsfilters/commit/b69dfacec7f176281782e2f7ac44f04bf9633cfa |  | ljqc |
| OpenPrinting/libcupsfilters |  | https://github.com/OpenPrinting/libcupsfilters/commit/b69dfacec7f176281782e2f7ac44f04bf9633cfa |  | ljqc |
|  |  | https://github.com/OpenPrinting/libcupsfilters/commit/b69dfacec7f176281782e2f7ac44f04bf9633cfa |  | cvelistv5 |

</details>

二、漏洞分析结构反馈
 影响性分析说明：
  CUPS-Filters’ imagetoraster filter has an out of bounds read/write vulnerability in the processing of TIFF image files. While the pixel buffer is allocated with the number of pixels times a pre-calculated bytes-per-pixel value, the function which processes these pixels is called with a size of the number of pixels times 3. When suitable inputs are passed, the bytes-per-pixel value can be set to 1 and bytes outside of the buffer bounds get processed.
 openEuler评分：
  3.7
 Vector：CVSS：3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
 受影响版本排查(受影响/不受影响)：
  1.openEuler-20.03-LTS-SP4(1.26.1):受影响
2.openEuler-22.03-LTS-SP3:受影响
3.openEuler-22.03-LTS-SP4:受影响
4.openEuler-24.03-LTS(1.28.15):受影响
5.openEuler-24.03-LTS-Next(1.28.15):受影响
6.openEuler-24.03-LTS-SP1(1.28.15):受影响
7.openEuler-24.03-LTS-SP2(1.28.15):受影响
8.master(2.0.1):不受影响

修复是否涉及abi变化(是/否)：
  1.master(2.0.1):否
2.openEuler-20.03-LTS-SP4(1.26.1):否
3.openEuler-22.03-LTS-SP3:否
4.openEuler-22.03-LTS-SP4:否
5.openEuler-24.03-LTS(1.28.15):否
6.openEuler-24.03-LTS-Next(1.28.15):否
7.openEuler-24.03-LTS-SP1(1.28.15):否
8.openEuler-24.03-LTS-SP2(1.28.15):否

原因说明：
  1.openEuler-24.03-LTS(1.28.15):正常修复
2.openEuler-24.03-LTS-Next(1.28.15):正常修复
3.openEuler-24.03-LTS-SP1(1.28.15):正常修复
4.openEuler-24.03-LTS-SP2(1.28.15):正常修复
5.openEuler-20.03-LTS-SP4(1.26.1):正常修复
6.openEuler-22.03-LTS-SP3:正常修复
7.openEuler-22.03-LTS-SP4:正常修复
8.master(2.0.1):不受影响-漏洞代码不存在

三、漏洞修复
安全公告链接：https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2025-2719

src-openEuler/cups-filters
关闭

内容风险标识

评论 (20)

src-openEuler/cups-filters关闭 .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2025-57812

评论 (20)

搜索帮助

src-openEuler/cups-filters
关闭