CVE-2025-58436: CWE-400: Uncontrolled Resource Consumption in OpenPrinting cups
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue has been patched in version 2.4.15.
AI Analysis
Technical Summary
CVE-2025-58436 is an uncontrolled resource consumption vulnerability classified under CWE-400 affecting OpenPrinting's Common Unix Printing System (CUPS) prior to version 2.4.15. The vulnerability arises when a client connects to the cupsd daemon and sends data at an extremely slow rate, for example, one byte per second. This slow transmission causes the cupsd process to become delayed or blocked, effectively causing a denial of service (DoS) condition that impacts all clients attempting to use the printing service. The root cause is the lack of proper handling or timeout mechanisms for slow or stalled client connections, which leads to resource exhaustion within the cupsd daemon. Exploitation does not require authentication or user interaction but does require local network access to the printing service. The CVSS v3.1 base score is 5.1 (medium severity), reflecting the high attack complexity and local attack vector, with no impact on confidentiality or integrity but a significant impact on availability. No known exploits are currently reported in the wild. The issue was patched in version 2.4.15 by improving the handling of slow client connections to prevent resource exhaustion. Organizations using vulnerable versions of CUPS on Linux or Unix-like systems should prioritize upgrading to the fixed version to maintain printing service availability.
Potential Impact
For European organizations, this vulnerability primarily threatens the availability of printing services managed by CUPS on Linux and Unix-like systems. Printing infrastructure is critical in many sectors, including government, healthcare, finance, and manufacturing. Successful exploitation could disrupt business operations by making printing services unavailable, potentially delaying document processing and workflows. Although the vulnerability does not compromise data confidentiality or integrity, the denial of service could indirectly affect operational continuity and productivity. Organizations with large-scale or centralized printing environments are at higher risk of significant impact. Additionally, sectors with strict compliance and audit requirements may face challenges if printing logs or records become inaccessible. The requirement for local network access limits remote exploitation, but insider threats or compromised internal hosts could leverage this vulnerability. Given the medium severity and absence of known exploits, the immediate risk is moderate but warrants timely remediation to avoid service degradation or denial.
Mitigation Recommendations
1. Upgrade all CUPS installations to version 2.4.15 or later, where the vulnerability is patched.
2. Implement network segmentation and firewall rules to restrict access to the cupsd service to trusted hosts and users only, minimizing exposure to potentially malicious clients.
3. Configure timeout settings and connection limits on the cupsd daemon to detect and drop slow or stalled connections more aggressively, if configurable.
4. Monitor printing service logs and network traffic for unusual connection patterns, such as slow or partial data transmissions, which may indicate attempted exploitation.
5. Employ host-based intrusion detection systems (HIDS) to alert on abnormal resource consumption by the cupsd process.
6. Educate internal users and administrators about the risk of local network attacks and enforce strict access controls on internal networks.
7. Regularly audit and update printing infrastructure components as part of vulnerability management programs to ensure timely patching.
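As an added illustration of recommendations 2 and 3 (not taken from the advisory or the CUPS project), the following cupsd.conf fragment uses the scheduler's existing Listen, Timeout, MaxClients, MaxClientsPerHost and Location directives to limit which hosts may connect and how many connections each may hold open. The addresses and numeric values are assumptions to be tuned per site; these settings reduce exposure but do not replace the upgrade to 2.4.15.

```apache
# Added example (not a CUPS-supplied default): bounded connection handling
# for cupsd.conf. Values are illustrative placeholders.

# Accept connections only on loopback and the management interface
# (192.0.2.10 is a documentation-range placeholder).
Listen localhost:631
Listen 192.0.2.10:631

# HTTP request timeout in seconds (the manual's default is 900).
Timeout 60

# Cap total simultaneous clients and the number one address may hold open,
# so a single slow sender cannot occupy every connection slot.
MaxClients 100
MaxClientsPerHost 10

# Allow only hosts on the local subnets to talk to the scheduler at all.
<Location />
  Order allow,deny
  Allow @LOCAL
</Location>
```

After editing, reload cupsd and confirm the directives were accepted by checking error_log for configuration warnings.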
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-09-01T20:03:06.532Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 692a5c732a13ea799fd8c854
Added to database: 11/29/2025, 2:37:39 AM
Last enriched: 12/6/2025, 4:20:02 AM
Last updated: 1/19/2026, 4:22:31 AM