Skip to main content

Red Hat CVE-2026-34979

| EUVDEUVD-2026-18885 MEDIUM
Heap-based Buffer Overflow (CWE-122)
2026-04-03 GitHub_M
5.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
SUSE
MEDIUM
qualitative
Red Hat
5.3 MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Apr 03, 2026 - 21:30 euvd
EUVD-2026-18885
Analysis Generated
Apr 03, 2026 - 21:30 vuln.today
CVE Published
Apr 03, 2026 - 21:16 nvd
MEDIUM 5.3

DescriptionGitHub Advisory

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, there is a heap-based buffer overflow in the CUPS scheduler when building filter option strings from job attribute. At time of publication, there are no publicly available patches.

AnalysisAI

Heap-based buffer overflow in OpenPrinting CUPS scheduler versions 2.4.16 and prior allows unauthenticated remote attackers to trigger a denial of service condition by crafting malicious job attributes that overflow buffers during filter option string construction. With a CVSS score of 5.3 and network accessibility, this vulnerability impacts availability on exposed CUPS instances; no public exploit code or vendor patch has been released as of publication.

Technical ContextAI

OpenPrinting CUPS is the standard printing system for Linux and Unix-like environments. The vulnerability exists in the scheduler component's filter option string builder, which processes job attributes without proper bounds checking when constructing filter commands. This heap-based buffer overflow (CWE-122) occurs in memory regions allocated on the heap-typically used for dynamic data structures-allowing attackers to write beyond allocated buffer boundaries. The flaw is triggered during job attribute parsing, which occurs before authentication and access control checks in the CUPS processing pipeline.

RemediationAI

No vendor-released patch identified at time of analysis. Organizations should monitor the OpenPrinting CUPS repository (https://github.com/OpenPrinting/cups) and the security advisory GHSA-6qxf-7jx6-86fh for patch releases. Until a patch is available, mitigate risk by restricting network access to the CUPS daemon (typically listening on localhost:631) using firewall rules to limit exposure to trusted internal networks only. Disable remote printing if not required. Consider running CUPS in a sandboxed environment or behind a network access control proxy. Subscribe to the OpenPrinting mailing list for notifications when patches are released.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Micro 5.2 Fixed
SUSE Linux Enterprise Micro 5.3 Fixed
SUSE Linux Enterprise Micro 5.4 Fixed

Share

CVE-2026-34979 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy