Security Alert: Common UNIX Printing System (CUPS) Vulnerabilities
Date:
2024-09-26 21:41:00
Status:
Closed
Brief Description:
Four vulnerabilities in the Common UNIX Printing System (CUPS) have been disclosed. The IT Security Office is investigating their impact and taking precautionary action to mitigate their effects.
Current Status:
Patches and remediation advice:
Oracle Linux - https://linux.oracle.com/errata/ELSA-2024-7346.html and https://linux.oracle.com/errata/ELSA-2024-7463.html
Red Hat Linux - https://access.redhat.com/security/vulnerabilities/RHSB-2024-002
Debian:
https://security-tracker.debian.org/tracker/CVE-2024-47076
https://security-tracker.debian.org/tracker/CVE-2024-47175
https://security-tracker.debian.org/tracker/CVE-2024-47176
https://security-tracker.debian.org/tracker/CVE-2024-47177
Services Affected:
Not Applicable
Full Description:
The vulnerabilities disclosed affect a wide range of Unix-like systems. The four vulnerabilities disclosed are:
CVE-2024-47076 - libcupsfilters Improper Input Validation or Sanitization Vulnerability
CVE-2024-47175 - libppd Improper Input Validation or Sanitization Vulnerability
CVE-2024-47176 - cups-browsed Binding to an Unrestricted IP Address Vulnerability
CVE-2024-47177 - cups-filters Command Injection Vulnerability
At the time of this alert’s original posting, no updates or patches were available to fix these vulnerabilities. Security experts have recommended mitigations to guard against their exploitation:
· Disable and remove cups-browsed from vulnerable systems.
· Block the CUPS listening port - UDP port 631.
· Update CUPS as soon as updates are available.
The IT Security Office has taken steps to block UDP and TCP port 631 at our campus’ internet border. Assets hosted off-campus, such as in cloud providers (Azure, AWS, etc.), are not protected by the above border block. Server administrators are still encouraged to review their hosts and apply the above mitigations where feasible.
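The following host audit script is an added example for server administrators; it is not part of this alert, of the vendor advisories linked above, or of the CUPS project. It checks the two conditions the mitigations above target: a cups-browsed service that is still active or enabled, and a socket bound to UDP 631 on a non-loopback address (the unrestricted-binding condition named in CVE-2024-47176). It assumes a systemd host with iproute2 (`systemctl` and `ss`); both tools are checked before use, and the embedded `ss` output is constructed sample data, not captured from a real system.

```shell
#!/bin/sh
# Added example (not from the alert or the CUPS project): audit a host for
# cups-browsed exposure. Assumes systemd (systemctl) and iproute2 (ss).

# exposed_udp631 SS_OUTPUT
# Scans `ss -ulnp` style text passed as the first argument and returns 0 when a
# UDP socket on port 631 is bound to a non-loopback address (wildcard addresses
# such as 0.0.0.0, [::] or * included), 1 otherwise.
exposed_udp631() {
    printf '%s\n' "$1" | awk '
        $1 == "UNCONN" && $4 ~ /:631$/ {
            addr = $4
            sub(/:631$/, "", addr)
            # loopback-only bindings are not reachable from the network
            if (addr != "127.0.0.1" && addr != "[::1]") found = 1
        }
        END { exit found ? 0 : 1 }'
}

# cups_browsed_present
# Returns 0 if the cups-browsed unit is active or enabled, 1 if it is neither,
# 2 if systemctl is not available on this host.
cups_browsed_present() {
    command -v systemctl >/dev/null 2>&1 || return 2
    systemctl is-active --quiet cups-browsed 2>/dev/null && return 0
    systemctl is-enabled --quiet cups-browsed 2>/dev/null && return 0
    return 1
}

# audit_host
# Runs both checks against the live system and reports findings in the order
# of the alert's mitigations. Returns 1 if any exposure was found, else 0.
audit_host() {
    rc=0
    case "$(cups_browsed_present; echo $?)" in
        0) echo "WARN: cups-browsed is active or enabled; the alert advises disabling and removing it"
           rc=1 ;;
        1) echo "OK: cups-browsed is not active or enabled" ;;
        *) echo "SKIP: systemctl not available, cannot check cups-browsed" ;;
    esac
    if command -v ss >/dev/null 2>&1; then
        if exposed_udp631 "$(ss -ulnp 2>/dev/null)"; then
            echo "WARN: UDP 631 is bound to a network-reachable address; block it at the host firewall until patched"
            rc=1
        else
            echo "OK: no network-reachable listener on UDP 631"
        fi
    else
        echo "SKIP: ss not available, cannot check UDP 631"
    fi
    return $rc
}

# Constructed sample `ss -ulnp` output (not captured from a real host):
# cups-browsed bound to the IPv4 wildcard address, i.e. exposed.
SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
UNCONN 0      0            0.0.0.0:631       0.0.0.0:*     users:(("cups-browsed",pid=812,fd=7))
UNCONN 0      0          127.0.0.1:323       0.0.0.0:*'

# Constructed sample with port 631 bound to loopback only, i.e. not exposed.
SAMPLE_CLEAN='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
UNCONN 0      0          127.0.0.1:631       0.0.0.0:*
UNCONN 0      0               [::1]:631          [::]:*'

# Live run against this host; a non-zero status means the alert's mitigations
# (disable/remove cups-browsed, block UDP 631, update CUPS) still apply here.
audit_host || echo "Exposure found: apply the mitigations listed in the alert."
```

Run it as root on each server in scope and treat any WARN line as a to-do item; hosts behind the campus border block still benefit from the check because the block does not cover off-campus or cloud-hosted assets.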
Sources and additional information:
See the patch and remediation links listed under Current Status above.
CIT TDX ID: