Amazon Linux 2023 Security Advisory: ALAS2023-2025-1205
Advisory Released Date: 2025-09-29
Advisory Updated Date: 2025-09-29
A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize() function, the password is not checked. This vulnerability allows attackers to bypass authentication entirely, resulting in unauthorized access to administrative functions and system configuration. (CVE-2025-58060)
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups & cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector "Network" is possible. The current versions of CUPS and cups-browsed projects have the attack vector "Adjacent" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364. (CVE-2025-58364)
Affected Packages:
cups
Issue Correction:
Run dnf update cups --releasever 2023.9.20250929 or dnf update --advisory ALAS2023-2025-1205 --releasever 2023.9.20250929 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
aarch64:
cups-lpd-2.4.14-1.amzn2023.0.1.aarch64
cups-client-debuginfo-2.4.14-1.amzn2023.0.1.aarch64
cups-debugsource-2.4.14-1.amzn2023.0.1.aarch64
cups-lpd-debuginfo-2.4.14-1.amzn2023.0.1.aarch64
cups-ipptool-2.4.14-1.amzn2023.0.1.aarch64
cups-ipptool-debuginfo-2.4.14-1.amzn2023.0.1.aarch64
cups-printerapp-debuginfo-2.4.14-1.amzn2023.0.1.aarch64
cups-printerapp-2.4.14-1.amzn2023.0.1.aarch64
cups-libs-debuginfo-2.4.14-1.amzn2023.0.1.aarch64
cups-devel-2.4.14-1.amzn2023.0.1.aarch64
cups-client-2.4.14-1.amzn2023.0.1.aarch64
cups-libs-2.4.14-1.amzn2023.0.1.aarch64
cups-debuginfo-2.4.14-1.amzn2023.0.1.aarch64
cups-2.4.14-1.amzn2023.0.1.aarch64
noarch:
cups-filesystem-2.4.14-1.amzn2023.0.1.noarch
src:
cups-2.4.14-1.amzn2023.0.1.src
x86_64:
cups-lpd-debuginfo-2.4.14-1.amzn2023.0.1.x86_64
cups-ipptool-debuginfo-2.4.14-1.amzn2023.0.1.x86_64
cups-debugsource-2.4.14-1.amzn2023.0.1.x86_64
cups-printerapp-debuginfo-2.4.14-1.amzn2023.0.1.x86_64
cups-devel-2.4.14-1.amzn2023.0.1.x86_64
cups-printerapp-2.4.14-1.amzn2023.0.1.x86_64
cups-ipptool-2.4.14-1.amzn2023.0.1.x86_64
cups-lpd-2.4.14-1.amzn2023.0.1.x86_64
cups-debuginfo-2.4.14-1.amzn2023.0.1.x86_64
cups-libs-debuginfo-2.4.14-1.amzn2023.0.1.x86_64
cups-client-debuginfo-2.4.14-1.amzn2023.0.1.x86_64
cups-libs-2.4.14-1.amzn2023.0.1.x86_64
cups-client-2.4.14-1.amzn2023.0.1.x86_64
cups-2.4.14-1.amzn2023.0.1.x86_64