Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Ubuntu 24.04 LTS: USN-7045-1 Critical: libppd Remote Code Execution

Calendar Sep 26, 2024 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical remote code execution Ubuntu network issue libppd
libppd could be made to run programs if it received specially crafted network traffic. 
==========================================================================
Ubuntu Security Notice USN-7045-1
September 26, 2024

libppd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

libppd could be made to run programs if it received specially crafted
network traffic.

Software Description:
- libppd: OpenPrinting libppd

Details:

Simone Margaritelli discovered that libppd incorrectly sanitized IPP data
when creating PPD files. A remote attacker could possibly use this issue to
manipulate PPD files and execute arbitrary code when a printer is used.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
   libppd-utils                    2:2.0.0-0ubuntu4.1
   libppd2                         2:2.0.0-0ubuntu4.1

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-7045-1
   CVE-2024-47175

Package Information:
   https://launchpad.net/ubuntu/+source/libppd/2:2.0.0-0ubuntu4.1

Ubuntu 24.04 LTS: USN-7045-1 Critical: libppd Remote Code Execution

ubuntu
Calendar Grey September 26, 2024
Dist Ubuntu Esm H88
This report addresses the libxyz vulnerability impacting Debian, which poses a risk of unauthorized access through specially crafted packets.
libppd could be made to run programs if it received specially crafted network traffic.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: libppd could be made to run programs if it received specially crafted network traffic. Software Description: - libppd: OpenPrinting libppd Details: Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

Topics%20covered

Topics Covered

security advisory critical remote code execution Ubuntu network issue libppd

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libppd-utils 2:2.0.0-0ubuntu4.1 libppd2 2:2.0.0-0ubuntu4.1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7045-1

CVE-2024-47175

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7045-1

Topics%20covered

Topics Covered

security advisory critical remote code execution Ubuntu network issue libppd

Package Information

https://launchpad.net/ubuntu/+source/libppd/2:2.0.0-0ubuntu4.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here