Description:

Out-of-bounds vulnerabilities were found for certain printer drivers for office/small office multifunction printers and laser printers that may prevent printing when a crafted XPS document (*) is printed.

These vulnerabilities do not affect printing of normal XPS documents created by common applications and do not cause issues such as data breach.

* XPS document is an XML based markup language and file format developed by Microsoft for describing documents.

Affected Printer Drivers:

• Generic PCL6 V4 Printer Driver - All versions
• Generic UFR II V4 Printer Driver - All versions
• Generic LIPSLX V4 Printer Driver - All versions

CVE/CVSS:

CVE-2025-0234:

Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score: 5.3

CVE-2025-0235:

Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 

Base Score: 5.3

CVE-2025-0236:

Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score: 5.3

Mitigation:

Please delete your current printer driver and download the latest version of the following printer drivers.

• Generic Plus PCL6 Printer Driver
• Generic Plus UFR II Printer Driver
• Generic Plus LIPSLX Printer Driver

Please check the websites of your local Canon sales representatives for the latest printer driver.