libcupsfilters: improper input validation in libcupsfilters (CVE-2024-47076) #shorts #breaking
CVE
This security vulnerability involves the improper validation of input in the `libcupsfilters` library, specifically affecting OpenPrinting libcupsfilters versions up to 2.1b1. This library is part of the Common Unix Printing System, an open-source and standards-based printing system. The flaw resides in the `cfGetPrinterAttributes5` function, which fails to properly sanitize Internet Printing Protocol attributes received from an IPP server. This oversight allows an attacker to craft malicious data that could be introduced into the wider CUPS system. As this issue is considered a zero-day vulnerability, it means it was just discovered two days ago, and no prior defenses were available to protect against it. While the specific tools used by attackers and affected parties remain unspecified, anyone using the CUPS printing system should be aware of this potential threat.
Watch the full video on YouTube: CVE-2024-47076
Remediation and exploitation details
This chain involves the following actors
This following systems are involved
Attack entry point
Remediation actions
Exploitation actions
Related Content
NOTE: The following related content has not been vetted and may be unsafe.
- https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5
- https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
- https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47
- https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6
- https://www.cups.org
- https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I