Описание
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cups | fixed | 2.2.12-1 | package | |
| cups | fixed | 2.2.10-6+deb10u1 | buster | package |
| cups | fixed | 2.2.1-8+deb9u4 | stretch | package |
Примечания
Covers the "Fixed IPP buffer overflow (rdar://50035411)" angle of
https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
EPSS
Связанные уязвимости
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS