
SUSE: 2018:2162-1 Moderate: cups Local Escalations and Bypass Fixes

August 1, 2018
A substantial SUSE security patch for cups has been released, addressing various vulnerabilities including local privilege elevation and evasion of sandbox protections.
An update that solves 5 vulnerabilities and has two fixes is now available.

Summary

This update for cups fixes the following issues:

The following security vulnerabilities were fixed:

- CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that was causing the DBUS library to abort the calling process. (bsc#1061066 bsc#1087018)
- Fixed a local privilege escalation to root and sandbox bypasses in the scheduler
- CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405)
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406)
- CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407)
- CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408)

The following other issue was fixed:

References: #1050082 #1061066 #1087018 #1096405 #1096406 #1096407 #1096408

Cross-References: CVE-2017-18248 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Desktop 12-SP3

https://www.suse.com/security/cve/CVE-2017-18248.html

https://www.suse.com/security/cve/CVE-2018-4180.html

https://www.suse.com/security/cve/CVE-2018-4181.html

https://www.suse.com/security/cve/CVE-2018-4182.html

https://www.suse.com/security/cve/CVE-2018-4183.html

https://bugzilla.suse.com/1050082

https://bugzilla.suse.com/1061066

https://bugzilla.suse.com/1087018

https://bugzilla.suse.com/1096405

https://bugzilla.suse.com/1096406

Announcement ID: SUSE-SU-2018:2162-1
Rating: moderate
