Vulnerability Description
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler (cupsd) when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters() in scheduler/printers.c calls cupsdDeletePrinter() without first expiring subscriptions that reference the printer, leaving cupsd_subscription_t.dest as a dangling pointer to freed heap memory. The dangling pointer is subsequently dereferenced at multiple code sites, causing a crash (denial of service) of the cupsd daemon. With heap grooming, this can be leveraged for code execution.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openprinting | Cups | <= 2.4.16 |
Related Weaknesses (CWE)
References
- https://github.com/OpenPrinting/cups/security/advisories/GHSA-pjv5-prqp-46rgExploitVendor AdvisoryMitigation
FAQ
What is CVE-2026-39316?
CVE-2026-39316 is a vulnerability with a CVSS score of 4.0 (MEDIUM). OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler (cupsd) w...
How severe is CVE-2026-39316?
CVE-2026-39316 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-39316?
Check the references section above for vendor advisories and patch information. Affected products include: Openprinting Cups.