Read more: www.darkreading.com
Multiple vulnerabilities have been discovered in the Common Unix Printing System (CUPS), a core printing component for many Unix-like operating systems. These vulnerabilities, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could allow attackers to execute arbitrary commands on vulnerable systems, potentially leading to security breaches and data theft. The vulnerabilities stem from flaws in the handling of Internet Printing Protocol (IPP) requests, improper validation of IPP attributes, and inadequate sanitization of temporary files. Systems running CUPS, particularly those with the cups-browsed service exposed to the internet, are at risk. The impact of these vulnerabilities is considered major, as they allow for remote code execution, potentially leading to significant security compromises.