
CVE-2025-57812: CWE-125: Out-of-bounds Read in OpenPrinting libcupsfilters

Severity: Low
Type: Vulnerability
Tags: CVE-2025-57812, cve, cve-2025-57812, cwe-125, cwe-787
Published: Wed Nov 12 2025 (11/12/2025, 18:46:52 UTC)
Source: CVE Database V5
Vendor/Project: OpenPrinting
Product: libcupsfilters

Description

CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and including 1.28.17 and libcupsfilters versions 2.0.0 through 2.1.1, CUPS-Filters' `imagetoraster` filter has an out-of-bounds read/write vulnerability in the processing of TIFF image files. While the pixel buffer is allocated with the number of pixels times a pre-calculated bytes-per-pixel value, the function which processes these pixels is called with a size of the number of pixels times 3. When suitable inputs are passed, the bytes-per-pixel value can be set to 1 and bytes outside of the buffer bounds get processed. In order to trigger the bug, an attacker must issue a print job with a crafted TIFF file, and pass appropriate print job options to control the bytes-per-pixel value of the output format. They must choose a printer configuration under which the `imagetoraster` filter or its C-function equivalent `cfFilterImageToRaster()` gets invoked. The vulnerability exists in both CUPS-Filters 1.x and the successor library libcupsfilters (CUPS-Filters 2.x). In CUPS-Filters 2.x, the vulnerable function is `_cfImageReadTIFF()` in libcupsfilters. When this function is invoked as part of `cfFilterImageToRaster()`, the caller passes a look-up table, and the out-of-bounds memory access happens while that table is processed. In CUPS-Filters 1.x, the equivalent functions are all found in the cups-filters repository, which is not split into subprojects yet, and the vulnerable code is in `_cupsImageReadTIFF()`, which is called through `cupsImageOpen()` from the `imagetoraster` tool. A patch is available in commit b69dfacec7f176281782e2f7ac44f04bf9633cfa.

AI-Powered Analysis

Last updated: 11/12/2025, 19:00:42 UTC

Technical Analysis

CVE-2025-57812 is a vulnerability classified under CWE-125 (Out-of-bounds Read) and CWE-787 (Out-of-bounds Write) affecting the `imagetoraster` filter component of the CUPS-Filters package and its successor library libcupsfilters. CUPS is a widely used open-source printing system, and libcupsfilters handles data format conversions for printer applications. The flaw exists in versions up to 1.28.17 of cups-filters and versions 2.0.0 through 2.1.1 of libcupsfilters.

The root cause is a mismatch between the allocated pixel buffer size and the size used during pixel processing of TIFF image files. Specifically, the buffer is allocated based on the number of pixels multiplied by a pre-calculated bytes-per-pixel value, but the processing function operates on the number of pixels multiplied by 3 bytes. When the bytes-per-pixel value is set to 1 via crafted print job options, this leads to out-of-bounds memory access during the processing of the TIFF image data.

The vulnerability can be triggered by an attacker submitting a print job containing a maliciously crafted TIFF file and selecting a printer configuration that invokes the `imagetoraster` filter or its equivalent C function `cfFilterImageToRaster()`. In libcupsfilters 2.x, the vulnerable function is `_cfImageReadTIFF()`, which is called during `cfFilterImageToRaster()` execution. In cups-filters 1.x, the vulnerable code resides in `_cupsImageReadTIFF()`, called through `cupsImageOpen()` by the `imagetoraster` tool.

Exploitation requires low privileges (print job submission rights) and no user interaction, but the attack vector is limited to network or local print job submission. The CVSS v3.1 base score is 3.7 (low severity), reflecting the limited impact and exploitation complexity. There are no known exploits in the wild. A patch fixing the vulnerability is available in the project repository (commit b69dfacec7f176281782e2f7ac44f04bf9633cfa).
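The size mismatch described in the Description and Technical Analysis can be modelled in a few lines. The following is an added illustration, not code from cups-filters or libcupsfilters: `lut_pass()` and `process_row()` are hypothetical names, and the look-up table is constructed. It shows why a count of pixels times 3 only fits when bytes-per-pixel is at least 3, and how passing the allocation size to the processing step catches the mismatch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Look-up-table pass that is told the real allocation size and refuses to
 * touch bytes beyond it, instead of trusting the caller's count. */
static int lut_pass(uint8_t *buf, size_t buf_size, size_t count,
                    const uint8_t lut[256])
{
    if (count > buf_size)
        return -1;                    /* would read/write past the buffer */
    for (size_t i = 0; i < count; i++)
        buf[i] = lut[buf[i]];
    return 0;
}

/* Models one image row (hypothetical helper). rgb_count != 0 reproduces the
 * flawed call shape (count = npixels * 3); rgb_count == 0 uses the corrected
 * shape (count = npixels * bpp, identical to the allocation). */
int process_row(size_t npixels, size_t bpp, int rgb_count)
{
    uint8_t lut[256];
    for (int i = 0; i < 256; i++)
        lut[i] = (uint8_t)(255 - i);  /* constructed LUT: invert values */

    /* Reject empty rows and multiplications that would wrap around. */
    if (npixels == 0 || bpp == 0 ||
        npixels > SIZE_MAX / 3 || npixels > SIZE_MAX / bpp)
        return -1;

    size_t size = npixels * bpp;      /* allocation: pixels * bytes-per-pixel */
    uint8_t *row = calloc(size, 1);
    if (row == NULL)
        return -1;

    size_t count = rgb_count ? npixels * 3 : size;
    int rc = lut_pass(row, size, count, lut);
    free(row);
    return rc;
}

int main(void)
{
    printf("bpp=1, count=n*3   -> %d\n", process_row(64, 1, 1));
    printf("bpp=1, count=n*bpp -> %d\n", process_row(64, 1, 0));
    printf("bpp=3, count=n*3   -> %d\n", process_row(64, 3, 1));
    return 0;
}
```

With bytes-per-pixel set to 1 the flawed count is three times the allocation and the guard rejects it; with 3 or more bytes per pixel the same count stays inside the buffer, which is why the defect only surfaces under particular output-format options.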

Potential Impact

For European organizations, this vulnerability primarily threatens the confidentiality and integrity of data processed by networked or local printing services using affected versions of CUPS-Filters or libcupsfilters. An attacker able to submit print jobs can exploit the out-of-bounds read/write to potentially leak sensitive memory contents or cause application instability, which might be leveraged for further attacks or denial of service. While the vulnerability does not directly allow remote code execution or system compromise, it could be a stepping stone in a multi-stage attack, especially in environments where print servers are exposed or poorly segmented. Organizations with centralized print management, shared printers, or automated print workflows are at higher risk. The impact is mitigated by the requirement for print job submission privileges and the need to craft specific TIFF files with precise options. However, given the prevalence of CUPS in Linux-based systems and many enterprise print environments, the vulnerability could affect a broad range of devices and services if unpatched.

Mitigation Recommendations

European organizations should immediately identify and inventory all systems running affected versions of cups-filters (<=1.28.17) or libcupsfilters (>=2.0.0 and <2.1.1). They must apply the available patch from the official OpenPrinting repository or upgrade to libcupsfilters version 2.1.1 or later, where the vulnerability is fixed. Network segmentation and access controls should be enforced to restrict print job submission to trusted users and devices only. Implementing strict input validation and filtering on print servers to detect and block suspicious or malformed TIFF files can reduce exploitation risk. Monitoring print server logs for unusual print job parameters or TIFF file anomalies is recommended. Additionally, organizations should review printer configurations to limit the use of the imagetoraster filter or equivalent functions where possible. Regular vulnerability scanning and penetration testing focused on print infrastructure can help detect exploitation attempts. Finally, educating IT staff about this vulnerability and ensuring timely patch management processes are critical to maintaining secure printing environments.


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2025-08-20T14:30:35.010Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6914d7b9e9dc40953bf857d9

Added to database: 11/12/2025, 6:53:45 PM

Last enriched: 11/12/2025, 7:00:42 PM

Last updated: 11/12/2025, 7:57:52 PM
