libppd: CUPS libppd improper input validation (CVE-2024-47175) #shorts #breaking

CVE

This security vulnerability involves the CUPS printing system, specifically the libppd library. An issue in the libppd function called ppdCreatePPDFromIPP2 fails to properly validate input attributes from IPP, leading to potential remote code execution. This vulnerability can be exploited through a chain involving Foomatic, allowing malicious actors to control input and execute arbitrary code. It affects all versions of libppd up to and including version 2.1b1. The vulnerability, identified as CVE-2024-47175, is a zero-day, meaning it is actively exploited, yet less than a month old, with no specific targets currently known.

Watch the full video on YouTube: CVE-2024-47175

Remediation and exploitation details

This chain involves the following actors

This following systems are involved

Attack entry point

Remediation actions

Exploitation actions

Related Content

NOTE: The following related content has not been vetted and may be unsafe.

CVE database technical details

CVE ID
CVE-2024-47175
Description
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
Provider
GitHub_M
CWE / problem types
CWE-20: Improper Input Validation
Affected Software Versions
OpenPrinting:libppd:[{'version': '<= 2.1b1', 'status': 'affected'}]
Date Published
2024-09-26T21:18:25.265Z
Last Updated
2024-09-29T23:02:33.318Z