September 27, 2024 at 09:24AM New security vulnerabilities in CUPS on Linux systems permit remote command execution. Attackers can exploit these issues to install fake printers and execute malicious code, potentially leading to data theft or system damage. The vulnerabilities affect RHEL but do not impact Palo Alto Networks products. Patches are forthcoming, and temporary … Read more
September 27, 2024 at 06:21AM Researcher Simone Margaritelli revealed an unauthenticated remote code execution (RCE) vulnerability affecting all GNU/Linux systems, initially considered highly critical. The flaw, related to OpenPrinting’s Common UNIX Printing System (CUPS), was later disclosed alongside its CVE identifiers. Exploitation requires certain conditions and mitigating factors lower the real-world applicability and severity of … Read more
September 26, 2024 at 06:09PM Attackers can exploit multiple vulnerabilities in the CUPS open-source printing system (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177) discovered by Simone Margaritelli to execute remote code. The cups-browsed daemon, when enabled, can be exploited to automatically install a malicious printer, but mitigations such as disabling the service are available. Red Hat has rated … Read more