Red Hat Security Advisory: golang-github-openprinting-ipp-usb security update
This advisory addresses security vulnerabilities in the golang-github-openprinting-ipp-usb package used in Red Hat Enterprise Linux 10. The package provides an HTTP reverse proxy backed by IPP-over-USB connections to devices, enabling driverless support for USB devices using the IPP-over-USB protocol. Two security issues are fixed: a memory exhaustion vulnerability in query parameter parsing in the net/url package (CVE-2025-61726) and an unexpected session resumption issue in crypto/tls (CVE-2025-68121). The update is rated as important by Red Hat Product Security. The advisory provides updated packages for multiple architectures and Red Hat Enterprise Linux variants. No known exploits in the wild have been reported at this time.
AI Analysis
Technical Summary
The golang-github-openprinting-ipp-usb package in Red Hat Enterprise Linux 10 acts as an HTTP reverse proxy for USB devices using the IPP-over-USB protocol. Two vulnerabilities have been addressed: CVE-2025-61726 involves memory exhaustion during query parameter parsing in the net/url Go package, which could lead to resource exhaustion (CWE-770). CVE-2025-68121 concerns unexpected session resumption behavior in the crypto/tls package, potentially affecting TLS session security. Red Hat has released updated packages to remediate these issues across multiple supported architectures and product variants.
Potential Impact
The memory exhaustion vulnerability (CVE-2025-61726) could allow an attacker to cause denial of service by exhausting memory resources during URL query parsing. The unexpected session resumption vulnerability (CVE-2025-68121) may lead to unintended TLS session resumption, which could impact the security guarantees of TLS connections. Both issues are rated as important by Red Hat, indicating a significant security impact but not critical. No known exploits in the wild have been reported.
Mitigation Recommendations
Red Hat has released updated packages for golang-github-openprinting-ipp-usb that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 10 versions should apply the security update as described in the Red Hat advisory RHSA-2026:3092 and the referenced article https://access.redhat.com/articles/11258. Applying these official updates is the recommended remediation. There is no indication that additional mitigations or workarounds are required beyond installing the provided patches.
Red Hat Security Advisory: golang-github-openprinting-ipp-usb security update
Description
This advisory addresses security vulnerabilities in the golang-github-openprinting-ipp-usb package used in Red Hat Enterprise Linux 10. The package provides an HTTP reverse proxy backed by IPP-over-USB connections to devices, enabling driverless support for USB devices using the IPP-over-USB protocol. Two security issues are fixed: a memory exhaustion vulnerability in query parameter parsing in the net/url package (CVE-2025-61726) and an unexpected session resumption issue in crypto/tls (CVE-2025-68121). The update is rated as important by Red Hat Product Security. The advisory provides updated packages for multiple architectures and Red Hat Enterprise Linux variants. No known exploits in the wild have been reported at this time.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The golang-github-openprinting-ipp-usb package in Red Hat Enterprise Linux 10 acts as an HTTP reverse proxy for USB devices using the IPP-over-USB protocol. Two vulnerabilities have been addressed: CVE-2025-61726 involves memory exhaustion during query parameter parsing in the net/url Go package, which could lead to resource exhaustion (CWE-770). CVE-2025-68121 concerns unexpected session resumption behavior in the crypto/tls package, potentially affecting TLS session security. Red Hat has released updated packages to remediate these issues across multiple supported architectures and product variants.
Potential Impact
The memory exhaustion vulnerability (CVE-2025-61726) could allow an attacker to cause denial of service by exhausting memory resources during URL query parsing. The unexpected session resumption vulnerability (CVE-2025-68121) may lead to unintended TLS session resumption, which could impact the security guarantees of TLS connections. Both issues are rated as important by Red Hat, indicating a significant security impact but not critical. No known exploits in the wild have been reported.
Mitigation Recommendations
Red Hat has released updated packages for golang-github-openprinting-ipp-usb that address these vulnerabilities. Users of affected Red Hat Enterprise Linux 10 versions should apply the security update as described in the Red Hat advisory RHSA-2026:3092 and the referenced article https://access.redhat.com/articles/11258. Applying these official updates is the recommended remediation. There is no indication that additional mitigations or workarounds are required beyond installing the provided patches.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:3092
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-68121"]
- Cvss Version
- null
Threat ID: 6a16096be29bf47b5063196f
Added to database: 5/26/2026, 8:58:19 PM
Last enriched: 5/26/2026, 9:45:53 PM
Last updated: 5/27/2026, 5:03:35 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.