cups-2.3.3op2-21.el9
Errata ID: AXSA:2023-6748:11
Release date:
2023/12/07 Thursday - 12:57
Title:
cups-2.3.3op2-21.el9
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
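The following issues have been addressed.
[Security Fix]
- The format_log_line() function in CUPS has a heap buffer
overflow issue, resulting in a vulnerability that allows a remote
attacker to cause a denial of service.
(CVE-2023-32324)
- The cupsdAcceptClient() function in CUPS has a use-after-free
issue, resulting in a vulnerability that allows a remote attacker,
by way of an HTTP connection being closed under certain
circumstances, to cause information disclosure and a denial of
service (crash).
(CVE-2023-34241)
Solution:
Update the packages.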
CVE:
CVE-2023-32324
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel` to `DEBUG`. No known patches or workarounds exist at time of publication.
CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue.
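On hosts that have not yet received this update, the trigger conditions named in the two CVE descriptions above can be checked against `cupsd.conf`. The script below is an added example, not part of the original errata or of CUPS; the function names, the last-value-wins parsing, the stock defaults (`LogLevel warn`, `HostNameLookups Off`) and treating `debug2` like `debug` are assumptions.

```shell
#!/bin/sh
# Added example: audit cupsd.conf for the conditions described in
# CVE-2023-32324 (LogLevel debug) and CVE-2023-34241 (LogLevel warn or
# higher, plus HostNameLookups Double or a TCP-wrappers build).

# Print the effective value of a directive, lowercased.
# Assumption: directive names are case-insensitive and the last one wins.
conf_value() {  # $1 = file, $2 = directive, $3 = default
    awk -v want="$2" -v def="$3" '
        /^[[:space:]]*#/ { next }
        tolower($1) == tolower(want) { val = tolower($2) }
        END { print (val == "" ? def : val) }
    ' "$1"
}

# Map a LogLevel name to its verbosity rank (none = 0 ... debug2 = 9).
level_rank() {
    case $1 in
        none) echo 0;; emerg) echo 1;; alert) echo 2;; crit) echo 3;;
        error) echo 4;; warn) echo 5;; notice) echo 6;; info) echo 7;;
        debug) echo 8;; debug2) echo 9;;
        *) echo 5;;  # unknown value: treat as the default, warn
    esac
}

# Print findings; return 1 if a trigger condition is fully met by the config.
audit_cupsd_conf() {
    conf=$1
    loglevel=$(conf_value "$conf" LogLevel warn)
    lookups=$(conf_value "$conf" HostNameLookups off)
    status=0
    case $loglevel in
        debug|debug2)  # debug2 is included as an assumption (more verbose)
            echo "CVE-2023-32324: LogLevel $loglevel reaches the debug logging path"
            status=1;;
    esac
    if [ "$(level_rank "$loglevel")" -ge 5 ]; then
        if [ "$lookups" = double ]; then
            echo "CVE-2023-34241: LogLevel $loglevel with HostNameLookups Double"
            status=1
        else
            echo "CVE-2023-34241: LogLevel $loglevel; reachable only on a TCP-wrappers build"
        fi
    fi
    return $status
}

if [ "$#" -gt 0 ]; then audit_cupsd_conf "$1"; fi
```

The TCP wrappers case depends on how cupsd was built and cannot be read from the configuration file, so the script only notes it.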
Additional information:
N/A
Download:
SRPMS
- cups-2.3.3op2-21.el9.src.rpm
Size: 7.72 MB
Asianux Server 9 for x86_64
- cups-2.3.3op2-21.el9.x86_64.rpm
Size: 1.31 MB
- cups-client-2.3.3op2-21.el9.x86_64.rpm
Size: 67.09 kB
- cups-devel-2.3.3op2-21.el9.i686.rpm
Size: 47.91 kB
- cups-devel-2.3.3op2-21.el9.x86_64.rpm
Size: 47.89 kB
- cups-filesystem-2.3.3op2-21.el9.noarch.rpm
Size: 9.87 kB
- cups-ipptool-2.3.3op2-21.el9.x86_64.rpm
Size: 3.85 MB
- cups-libs-2.3.3op2-21.el9.i686.rpm
Size: 278.59 kB
- cups-libs-2.3.3op2-21.el9.x86_64.rpm
Size: 260.54 kB
- cups-lpd-2.3.3op2-21.el9.x86_64.rpm
Size: 24.73 kB
- cups-printerapp-2.3.3op2-21.el9.x86_64.rpm
Size: 113.76 kB