
On 27/09/24 12:10, Lawrence D'Oliveiro wrote:
On Thu, 26 Sep 2024 15:46:13 +1200, Peter Reutemann quoted:
'A critical unauthenticated Remote Code Execution (RCE) vulnerability has been discovered, impacting all GNU/Linux systems.'

It’s a bug in cups-browsed. Details have appeared all over the place, I found a copy here <https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1>.

Summary: cups-browsed is listening on UDP port 631 for notifications of new printers appearing on the network; it blindly trusts the information it receives, leading to the code execution vulnerability.

That explains the cups updates this morning...

https://www.omgubuntu.co.uk/2024/09/ubuntu-secuity-fix-cups-vulnerability

Cheers, Peter

--
Peter Reutemann
Dept. of Computer Science
University of Waikato, Hamilton, NZ
Mobile +64 22 190 2375
https://profiles.waikato.ac.nz/peter.reutemann
http://www.data-mining.co.nz/
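
A quick exposure check for the UDP port 631 listener mentioned in the summary above, as an added example that is not part of the original thread: it parses socket listings and reports any UDP 631 listener bound to a non-loopback address. The sample lines are constructed, and the column layout assumes `ss -H -lunp` output (State, Recv-Q, Send-Q, Local, Peer, Process); the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the layout of `ss -H -lunp` (not captured from a real host).
SAMPLE_SS = """\
UNCONN 0 0 0.0.0.0:631 0.0.0.0:* users:(("cups-browsed",pid=1337,fd=7))
UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=13))
UNCONN 0 0 [::1]:631 [::]:* users:(("example-daemon",pid=2001,fd=5))
UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("avahi-daemon",pid=801,fd=12))
"""


def split_local(field):
    """Split 'addr:port', handling [v6] brackets and %interface suffixes."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%")[0]
    return addr, port


def is_loopback(addr):
    """True only for literal loopback addresses; '*' and wildcards are not."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def exposed_udp_631(ss_output):
    """Return (address, process) for UDP 631 listeners reachable off-host."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5:
            continue  # not a socket line
        addr, port = split_local(cols[3])
        if port != "631" or is_loopback(addr):
            continue
        proc = cols[5] if len(cols) > 5 else ""
        # Process column looks like users:(("name",pid=N,fd=N)); needs root to be populated.
        name = proc.split('"')[1] if '"' in proc else "unknown"
        findings.append((addr, name))
    return findings


if __name__ == "__main__":
    for addr, name in exposed_udp_631(SAMPLE_SS):
        print(f"UDP 631 listening on {addr} ({name}): reachable from the network")
```

On a live host, feed it the output of `ss -H -lunp` run as root in place of `SAMPLE_SS`.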