When I saw news of the upcoming 9.9 CVE, I was thinking it was something significant, like a buffer overflow in the glibc DNS client, a ping of death, or something actually exciting. Nope, it's CUPS, the printing stack.
CUPS is not typically installed on server systems, but cloud expert Corey Quinn claims his Ubuntu EC2 box has it without his knowledge. I have checked my Ubuntu systems and have not been able to find CUPS on them.
I just checked my Ubuntu EC2 box (no desktop, obviously). dpkg showed it wasn't installed, but it was listening due to their horrible sidecar "snap" package system.
Even if you are vulnerable though, you need to print something in order for the malicious printer definitions that the CVE enables to allow for arbitrary code execution.
When you disable this service, automagic printer discovery over the network for desktop Linux systems will stop working. This should be fine unless you habitually purchase and use network attached printers.