Описание
Security update for cups-filters
This update for cups-filters fixes the following issues:
- cups-browsed would bind on UDP INADDR_ANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocols(bsc#1230939, CVE-2024-47176)
Список пакетов
SUSE Enterprise Storage 7.1
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Server 15 SP2-LTSS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Server 15 SP3-LTSS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Server 15 SP4-LTSS
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Manager Proxy 4.3
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
SUSE Manager Server 4.3
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
openSUSE Leap 15.5
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
openSUSE Leap 15.6
cups-filters-1.25.0-150200.3.16.1
cups-filters-devel-1.25.0-150200.3.16.1
Ссылки
- Link for SUSE-SU-2024:3523-1
- E-Mail link for SUSE-SU-2024:3523-1
- SUSE Security Ratings
- SUSE Bug 1230939
- SUSE CVE CVE-2024-47176 page
Описание
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
Затронутые продукты
SUSE Enterprise Storage 7.1:cups-filters-1.25.0-150200.3.16.1
SUSE Enterprise Storage 7.1:cups-filters-devel-1.25.0-150200.3.16.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cups-filters-1.25.0-150200.3.16.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cups-filters-devel-1.25.0-150200.3.16.1
Ссылки
- CVE-2024-47176
- SUSE Bug 1230932
- SUSE Bug 1230939