user/cups: CVE-2022-26691: a logic error in the validation of the secret key used in the local authorisation mode of the CUPS printing system may result in privilege escalation.
Name | CVE-2022-26691 |
---|---|
Description | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more) |
References | DLA-3029-1, DSA-5149-1 |
Debian Bugs | 1011769 |
Fixed by https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444.