When starting the cupsd server with a Listen configuration item pointing
to a symbolic link, the cupsd process can be caused to perform an
arbitrary chmod of the provided argument, providing world-writable
access to the target.
- https://bugs.mageia.org/show_bug.cgi?id=33293
- https://www.openwall.com/lists/oss-security/2024/06/11/1
- https://www.cve.org/CVERecord?id=CVE-2024-35235
- 9/core/cups-2.4.6-1.2.mga9
Get the latest Linux and open source security news straight to your inbox.