cups-2.2.6-54.el8
Errata ID: AXSA:2023-7196:13
Release date:
2023/12/23 Saturday - 00:15
Title:
cups-2.2.6-54.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- The format_log_line() function in CUPS contains a heap buffer
overflow that allows a remote attacker to cause a denial of
service.
(CVE-2023-32324)
- The cupsdAcceptClient() function in CUPS contains a
use-after-free that allows a remote attacker, by way of an HTTP
connection being closed under certain conditions, to disclose
information and cause a denial of service (crash).
(CVE-2023-34241)
Solution:
Update the packages.
CVE:
CVE-2023-32324
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel` to `DEBUG`. No known patches or workarounds exist at time of publication.
CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before. This is a use-after-free bug that impacts the entire cupsd process. The exact cause of this issue is the function `httpClose(con->http)` being called in `scheduler/client.c`. The problem is that httpClose always, provided its argument is not null, frees the pointer at the end of the call, only for cupsdLogClient to pass the pointer to httpGetHostname. This issue happens in function `cupsdAcceptClient` if LogLevel is warn or higher and in two scenarios: there is a double-lookup for the IP Address (HostNameLookups Double is set in `cupsd.conf`) which fails to resolve, or if CUPS is compiled with TCP wrappers and the connection is refused by rules from `/etc/hosts.allow` and `/etc/hosts.deny`. Version 2.4.6 has a patch for this issue.
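An added example (not part of the advisory or of CUPS itself): a Python check that reads a `cupsd.conf` and reports whether the trigger conditions named in the two CVE descriptions above are configured. The sample configuration is constructed, treating `debug2` like `debug` and falling back to the default on an unknown level are assumptions, and the TCP wrappers scenario is a build-time property that this check does not cover.

```python
# Constructed sample cupsd.conf (not taken from any real host).
SAMPLE_CONF = """\
# constructed example
LogLevel debug
HostNameLookups Double
Listen localhost:631
"""

# LogLevel values in increasing verbosity, as documented in cupsd.conf(5).
LEVELS = ["none", "emerg", "alert", "crit", "error",
          "warn", "notice", "info", "debug", "debug2"]


def read_directives(text):
    """Return {directive: value} with lower-cased names; a later line overrides an earlier one."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or line.startswith("<"):
            continue  # skip blanks, comments and <Location>/<Policy> section tags
        parts = line.split(None, 1)
        if len(parts) == 2:
            found[parts[0].lower()] = parts[1].strip()
    return found


def audit(text):
    """List the CVE trigger conditions from the advisory that this configuration enables."""
    conf = read_directives(text)
    level = conf.get("loglevel", "warn").lower()          # cupsd default: warn
    lookups = conf.get("hostnamelookups", "off").lower()  # cupsd default: Off
    if level not in LEVELS:
        level = "warn"  # assumption: an unrecognised value leaves the default in place
    rank = LEVELS.index(level)
    findings = []
    # CVE-2023-32324: triggered when LogLevel is DEBUG (debug2 included as an assumption).
    if rank >= LEVELS.index("debug"):
        findings.append("CVE-2023-32324: LogLevel %s reaches the format_log_line() overflow" % level)
    # CVE-2023-34241: LogLevel warn or higher together with HostNameLookups Double.
    if rank >= LEVELS.index("warn") and lookups == "double":
        findings.append("CVE-2023-34241: LogLevel %s with HostNameLookups Double" % level)
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

An empty result only means that neither configuration trigger is set; the fixed packages listed below are still the remedy.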
Additional information:
N/A
Download:
SRPMS
- cups-2.2.6-54.el8.src.rpm
Size: 10.09 MB
Asianux Server 8 for x86_64
- cups-2.2.6-54.el8.x86_64.rpm
Size: 1.42 MB
- cups-client-2.2.6-54.el8.x86_64.rpm
Size: 170.72 kB
- cups-devel-2.2.6-54.el8.i686.rpm
Size: 150.33 kB
- cups-devel-2.2.6-54.el8.x86_64.rpm
Size: 150.35 kB
- cups-filesystem-2.2.6-54.el8.noarch.rpm
Size: 110.68 kB
- cups-ipptool-2.2.6-54.el8.x86_64.rpm
Size: 5.82 MB
- cups-libs-2.2.6-54.el8.i686.rpm
Size: 460.80 kB
- cups-libs-2.2.6-54.el8.x86_64.rpm
Size: 434.33 kB
- cups-lpd-2.2.6-54.el8.x86_64.rpm
Size: 125.80 kB