Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 24.04 LTS: USN-7042-1 Critical: cups-browsed Remote Execution Risk

ubuntu
Calendar Grey September 26, 2024
Dist Ubuntu Esm H88
A critical CUPS-browsed vulnerability could allow unauthorized access and remote code execution. Update your system immediately to mitigate risks and enhance security.
cups-browsed could be made to run programs if it received specially crafted network traffic.

Summary

cups-browsed could be made to run programs if it received specially crafted

network traffic.

Software Description:

- cups-browsed: OpenPrinting cups-browsed

Details:

Simone Margaritelli discovered that cups-browsed could be used to create

arbitrary printers from outside the local network. In combination with

issues in other printing components, a remote attacker could possibly use

this issue to connect to a system, created manipulated PPD files, and

execute arbitrary code when a printer is used. This update disables support

for the legacy CUPS printer discovery protocol.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
   cups-browsed                    2.0.0-0ubuntu10.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7042-1

CVE-2024-47176

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7042-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here