Описание
Security update for cups-filters
This update for cups-filters fixes the following issues:
- CVE-2024-47176: cups-browsed binds on UDP port 631 and trusts packets that try to trigger a Get-Printer-Attributes IPP request. (bsc#1230939)
- CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets (bsc#1231294)
The fix is disabling the CUPS protocol in cups-browsed.
Список пакетов
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12 SP5
Ссылки
- Link for SUSE-SU-2024:3570-1
- E-Mail link for SUSE-SU-2024:3570-1
- SUSE Security Ratings
- SUSE Bug 1230939
- SUSE Bug 1231294
- SUSE CVE CVE-2024-47176 page
- SUSE CVE CVE-2024-47850 page
Описание
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
Затронутые продукты
Ссылки
- CVE-2024-47176
- SUSE Bug 1230932
- SUSE Bug 1230939
Описание
CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.)
Затронутые продукты
Ссылки
- CVE-2024-47850
- SUSE Bug 1231294