cups-filters-1.20.0-35.el8_10
エラータID: AXSA:2024-8879:04
リリース日:
2024/10/04 Friday - 10:56
題名:
cups-filters-1.20.0-35.el8_10
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- CUPS の libcupsfilters の cfGetPrinterAttributes5() 関数には、
IPP サーバーから返される IPP 属性の検証処理が不足している
問題があるため、リモートの攻撃者により、細工された IPP
データの送信を介して、不正なプリンターの追加による情報の
漏洩、および IPP URL の置換によるプリンターの乗っ取りなど
を可能とする脆弱性が存在します。(CVE-2024-47076)
- CUPS の libppd の ppdCreatePPDFromIPP2() 関数には、PPD
ファイルへの書き込み時における IPP 属性のチェック処理が不足
しているため、リモートの攻撃者により、細工された IPP データ
の送信を介して、PPD ファイルへの不正なコマンドの挿入を可能
とする脆弱性が存在します。(CVE-2024-47175)
- CUPS の cups-browsed には、送信元の制限をせずに 631/UDP
からのパケットを処理してしまう問題があるため、リモートの
攻撃者により、不正な Get-Printer-Attributes IPP リクエストの
処理によるプリンタ情報の漏洩、および任意のコードの実行を
可能とする脆弱性が存在します。(CVE-2024-47176)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-47076
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
CVE-2024-47175
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
CVE-2024-47176
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
追加情報:
N/A
ダウンロード:
SRPMS
- cups-filters-1.20.0-35.el8_10.src.rpm
MD5: d8b55006eda3067186a528de7584a552
SHA-256: 68ecb2fcad2300c55382dab557ff0d1d79d63e8faa2627e650fdbd5fc780b93b
Size: 1.48 MB
Asianux Server 8 for x86_64
- cups-filters-1.20.0-35.el8_10.x86_64.rpm
MD5: 5263880f893f816a081060af480c10bc
SHA-256: 474cb29ed2292a07c9c0b555b18e76e3fc9471407d8acb03cc59ee0e50207a32
Size: 768.93 kB - cups-filters-devel-1.20.0-35.el8_10.i686.rpm
MD5: 33a60db18f7da492daea6a34bda31c7d
SHA-256: 7c1a8616d12f8b7e60824c0ba0c840f4e66361d4bd03466ee4883d4f9df27e77
Size: 35.88 kB - cups-filters-devel-1.20.0-35.el8_10.x86_64.rpm
MD5: 507e11948ff13dc541a2b360f8f505be
SHA-256: 7f5c9e75a0e886dac3bfe18113ded762d1b4486b45398efca2b11237b76a08b5
Size: 35.87 kB - cups-filters-libs-1.20.0-35.el8_10.i686.rpm
MD5: 048a2a1bc266883ff6c357650e9bca72
SHA-256: 04b338c8d77c07b0dc5ef4e28657da66930b7c9f8c1fd6dab070651363c4cfa0
Size: 145.01 kB - cups-filters-libs-1.20.0-35.el8_10.x86_64.rpm
MD5: 0c8571a959c2129b71147221d46a5684
SHA-256: fa1428dd9db47601c286dc4bff2b2d185ac1e9e4a6fb1f169b569f0316c932e7
Size: 136.33 kB
English