CVE-2025-61915: Buffer Underflow Vulnerability Leads to Memory Corruption in CUPS

CVE-2025-61915 is a critical stack-based out-of-bounds write (pseudo stack underflow) in CUPS' IPv6 parser that can be abused to modify cupsd.conf and achieve local privilege escalation to root — and remote code execution as root where remote administration is enabled. The report provides detailed fuzzing setup, analysis of the vulnerable parser function, debugging notes, gadget finding, and a ROP-chain proof-of-concept delivered via a crafted IPv6 address in cupsd.conf.