Security update for cups-filters SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:03225-1 Final 1 1 2025-09-15T11:38:52Z current 2025-09-15T11:38:52Z 2025-09-15T11:38:52Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for cups-filters This update for cups-filters fixes the following issues: - CVE-2024-47175: no validation of IPP attributes in `ppdCreatePPDFromIPP2` when writing to a temporary PPD file allows for the injection of attacker-controlled data to the resulting PPD (bsc#1230932). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-3225,SUSE-SLE-Module-Basesystem-15-SP6-2025-3225,SUSE-SLE-Module-Basesystem-15-SP7-2025-3225,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3225,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3225,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3225,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3225,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3225,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3225,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3225,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3225,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3225,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3225,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3225,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3225,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3225,SUSE-Storage-7.1-2025-3225,openSUSE-SLE-15.6-2025-3225 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202503225-1/ Link for SUSE-SU-2025:03225-1 https://lists.suse.com/pipermail/sle-updates/2025-September/041702.html E-Mail link for SUSE-SU-2025:03225-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1230932 SUSE Bug 1230932 https://bugzilla.suse.com/1246533 SUSE Bug 1246533 https://www.suse.com/security/cve/CVE-2024-47175/ SUSE CVE CVE-2024-47175 page SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Manager Proxy LTS 4.3 SUSE Manager Server LTS 4.3 openSUSE Leap 15.6 cups-filters-1.25.0-150200.3.22.1 cups-filters-devel-1.25.0-150200.3.22.1 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Enterprise Storage 7.1 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Enterprise Storage 7.1 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Manager Proxy LTS 4.3 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Manager Proxy LTS 4.3 cups-filters-1.25.0-150200.3.22.1 as a component of SUSE Manager Server LTS 4.3 cups-filters-devel-1.25.0-150200.3.22.1 as a component of SUSE Manager Server LTS 4.3 cups-filters-1.25.0-150200.3.22.1 as a component of openSUSE Leap 15.6 cups-filters-devel-1.25.0-150200.3.22.1 as a component of openSUSE Leap 15.6 CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. CVE-2024-47175 SUSE Enterprise Storage 7.1:cups-filters-1.25.0-150200.3.22.1 SUSE Enterprise Storage 7.1:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server 15 SP3-LTSS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server 15 SP3-LTSS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server 15 SP4-LTSS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server 15 SP4-LTSS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server 15 SP5-LTSS:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server 15 SP5-LTSS:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cups-filters-1.25.0-150200.3.22.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Manager Proxy LTS 4.3:cups-filters-1.25.0-150200.3.22.1 SUSE Manager Proxy LTS 4.3:cups-filters-devel-1.25.0-150200.3.22.1 SUSE Manager Server LTS 4.3:cups-filters-1.25.0-150200.3.22.1 SUSE Manager Server LTS 4.3:cups-filters-devel-1.25.0-150200.3.22.1 openSUSE Leap 15.6:cups-filters-1.25.0-150200.3.22.1 openSUSE Leap 15.6:cups-filters-devel-1.25.0-150200.3.22.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503225-1/ https://www.suse.com/security/cve/CVE-2024-47175.html CVE-2024-47175 https://bugzilla.suse.com/1230932 SUSE Bug 1230932