CUPS Product Security Action Recommendations
Overview
An update has been released to address vulnerabilities in CUPS Products. Users of the affected versions are advised to update to the latest version.
Affected Products
CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177
- cups-browsed version: 2.0.1 and earlier
- cups-filters version: 2.0.1 and earlier
- libcupsfilters version: 2.1b1 and earlier
- libppd version: 2.1b1 and earlier
Resolved Vulnerabilities
IPP attribute validation vulnerability in libcupsfilters (CVE-2024-47076)
PPD file generation vulnerability in libppd (CVE-2024-47175)
Remote code execution vulnerability in the cups-browsed service in CUPS (CVE-2024-47176)
foomatic-rip command execution vulnerability in cups-filters (CVE-2024-47177)
Vulnerability Mitigation
These products are open-source software included in most Linux distributions, so all Linux users should check whether they are installed and which versions are present.
※ Check measures
Check the service status and package version
- command: $ sudo systemctl status cups-browsed
- command: $ dpkg -l | grep -E 'cups-browsed|cups-filters|libcupsfilters|libppd'
※ What to do
Since a version that fixes the vulnerabilities has not yet been released, take the following steps now and apply the security patch when it is released.
Disable the cups-browsed service (If not in use)
- command: $ sudo systemctl stop cups-browsed; sudo systemctl disable cups-browsed
Restart the CUPS service
- command: $ sudo systemctl restart cups
Harden firewall settings
- Block external access to UDP port 631
- command: $ sudo ufw deny proto udp from any to any port 631
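A verification pass for the steps above, as an added example that is not part of the original advisory: it takes the `systemctl is-active` / `is-enabled` results and `ss -lun` output and lists what is still open. The function names and the sample `ss` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): confirm the mitigation steps took effect.

# Print UDP listeners on port 631 that are bound to a non-loopback address.
# Input: output of `ss -lun` on stdin.
udp631_exposed() {
    awk '{
        # The first field containing ":" is the Local Address:Port column,
        # whether or not ss printed a leading Netid column.
        for (i = 1; i <= NF; i++) if (index($i, ":")) break
        if (i > NF || $i !~ /:631$/) next
        host = $i; sub(/:631$/, "", host)
        if (host ~ /^127\./ || host ~ /^\[::1/) next   # loopback-only bind
        print $i
    }'
}

# Print one line per remaining gap; print nothing when every step holds.
# $1 = output of `systemctl is-active cups-browsed`
# $2 = output of `systemctl is-enabled cups-browsed`
# stdin = output of `ss -lun`
mitigation_gaps() {
    if [ "$1" = "active" ]; then echo "cups-browsed is still running"; fi
    if [ "$2" = "enabled" ]; then echo "cups-browsed is still enabled at boot"; fi
    udp631_exposed | sed 's/^/UDP listener exposed on /'
}

# Constructed sample input: a host before and after the steps were applied.
SAMPLE_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0      0      0.0.0.0:631        0.0.0.0:*
UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*'
SAMPLE_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*'

echo "before:"
printf '%s\n' "$SAMPLE_BEFORE" | mitigation_gaps active enabled
echo "after:"
printf '%s\n' "$SAMPLE_AFTER" | mitigation_gaps inactive disabled
```

On a live host, feed it real data: `ss -lun | mitigation_gaps "$(systemctl is-active cups-browsed)" "$(systemctl is-enabled cups-browsed)"`. Empty output means the service is stopped, disabled, and nothing is listening on UDP 631 outside loopback.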