Tags: Security , Vulnerabilities
Four CVE IDs have been assigned that together form an high-impact exploit chain surrounding CUPS: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177.
Canonical’s security team has released updates for the cups-browsed, cups-filters, libcupsfilters and libppd packages for all Ubuntu LTS releases under standard support. The updates remediate CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, while CVE-2024-47177 is addressed by the other 3 vulnerabilities being patched. Information on the affected versions can be found in the CVE pages linked above. If you have any of these installed, our recommendation is to update as soon as possible. Read on to learn more about the details. Security updates for ESM releases will be released shortly.
At its core, the vulnerability is exploited by tricking CUPS into generating an attacker-controlled PPD (PostScript Printer Description) file for a printer containing an arbitrary command. Whenever the next print job is sent to the printer in question, the command will be executed as the lp user (this is the user that the CUPS daemon runs as and, barring other exploitable vulnerabilities, would not have escalated privileges).