Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution


New security vulnerabilities in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems have been disclosed, potentially allowing remote command execution. An attacker could replace or install printers with malicious IPP URLs, triggering arbitrary code execution when a print job starts. The flaws, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, affect various Linux distributions, including ArchLinux, Debian, and Red Hat Enterprise Linux. While the flaws stem from improper validation of network data in components like "cups-browsed," the impact is mitigated as they do not affect systems in their default configuration.

Read More


thumb-image

Solutions