
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-64524 is a heap buffer overflow vulnerability in the cups-filters package, specifically affecting the rastertopclx filter in versions 2.0.1 and prior. The vulnerability was reported by security researcher frostb1ten and publicly disclosed on November 20, 2025. The cups-filters package contains the backends, filters, and other software required for CUPS printing service functionality on non-macOS operating systems (GitHub Advisory, Debian Tracker).
The vulnerability exists in the CompressData function of the rastertopclx filter, where an unvalidated length parameter leads to a write beyond allocated memory. The issue occurs at line 1474 in rastertopclx.c with the operation '*comp_ptr++ = (offset << 3) | (count - 1)'. The vulnerability is rated as Low severity with a CVSS v3.1 score of 3.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L). The vulnerability requires local access and low privileges to exploit (OpenWall, GitHub Advisory).
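The defect class described above is a write through an output pointer whose length was never checked against the allocation. The following C sketch is an added example, not code from cups-filters or its patch: it shows an encoder that carries the end of its output buffer and refuses any write that would pass it. The out_buf type, the function names and the command-byte layout (5-bit offset, 3-bit count) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical output cursor (not a cups-filters type): carries the end of
 * the allocation so every write can be checked against it. */
typedef struct {
    uint8_t *ptr;   /* next byte to write */
    uint8_t *end;   /* one past the last byte of the buffer */
} out_buf;

/* Emit one command byte followed by `count` literal bytes.
 * Assumed layout for this sketch: offset in the upper 5 bits (0..31),
 * count - 1 in the lower 3 bits (count 1..8).
 * Returns 0 on success, -1 on any violation; nothing is written on failure. */
int emit_literal(out_buf *out, unsigned offset, unsigned count,
                 const uint8_t *src, size_t src_len)
{
    if (count < 1 || count > 8 || offset > 31)
        return -1;                  /* fields would not fit the command byte */
    if (count > src_len)
        return -1;                  /* would read past the input */
    if ((size_t)(out->end - out->ptr) < (size_t)count + 1)
        return -1;                  /* would write past the output buffer */

    *out->ptr++ = (uint8_t)((offset << 3) | (count - 1));
    memcpy(out->ptr, src, count);
    out->ptr += count;
    return 0;
}

/* Encode a line as literal chunks of up to 8 bytes. Returns the number of
 * bytes produced, or -1 if dst is too small (instead of overflowing it). */
long encode_line(const uint8_t *line, size_t length,
                 uint8_t *dst, size_t dst_size)
{
    out_buf out = { dst, dst + dst_size };
    size_t pos = 0;

    while (pos < length) {
        size_t left = length - pos;
        unsigned n = left > 8 ? 8u : (unsigned)left;
        if (emit_literal(&out, 0, n, line + pos, left) != 0)
            return -1;
        pos += n;
    }
    return (long)(out.ptr - dst);
}
```

The caller treats -1 as a hard error for the page being processed; sizing the output buffer for the worst case (one command byte per 8 input bytes here) keeps that path from being reached on valid input.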
When exploited, this vulnerability can cause the program to crash with a segmentation fault when processing maliciously crafted input data. The heap buffer overflow can trigger memory corruption, potentially leading to arbitrary code execution. However, the impact is limited as the filter runs under the restricted lp user which does not have root permissions (GitHub Advisory).
The vulnerability has been patched in versions after 2.0.1. Fixes have been committed to both the master branch (commit 0fe46c511e81062575b05936f804eb18c9f0a011) and the 1.x branch (commit b03866fd2e251a6d822a5e8c807c8d47b4d2dce2). Users are advised to upgrade to the latest version of cups-filters (OpenWall).
Source: This report was generated using AI