Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 401
Alerts This Week
Warning Icon 1 401

Ubuntu 16.04 ESM USN-5454-2 Critical: CUPS Buffer Overflow

ubuntu
Calendar Grey May 31, 2022
Dist Ubuntu Esm H88
Investigate the latest security flaws in CUPS for Ubuntu, assessing their risk levels and the necessary corrective measures to maintain system integrity.
Several security issues were fixed in CUPS.

Summary

Several security issues were fixed in CUPS.

Software Description:

- cups: Common UNIX Printing System(tm)

Details:

USN-5454-1 fixed several vulnerabilities in CUPS. This update provides

the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Joshua Mason discovered that CUPS incorrectly handled the secret key used

to access the administrative web interface. A remote attacker could

possibly use this issue to open a session as an administrator and execute

arbitrary code. (CVE-2022-26691)

It was discovered that CUPS incorrectly handled certain memory operations

when handling IPP printing. A remote attacker could possibly use this issue

to cause CUPS to crash, leading to a denial of service, or obtain sensitive

information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04

LTS. (CVE-2019-8842, CVE-2020-10001)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  cups                            2.1.3-4ubuntu0.11+esm1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5454-2

https://ubuntu.com/security/notices/USN-5454-1

CVE-2019-8842, CVE-2020-10001, CVE-2022-26691

Severity
critical
Lowest
Low
Medium
High
Critical

May 31, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.