CVE-2020-3898

Published: 21 April 2020

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
cups
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.10 (Groovy Gorilla)
Released (2.3.3-1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2.3.1-9ubuntu1.1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2.2.7-1ubuntu2.8)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (2.1.3-4ubuntu0.11)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Patches:
Vendor: https://src.fedoraproject.org/rpms/cups/blob/master/f/cups-ppdopen-heap-overflow.patch