On 27/09/24 12:10, Lawrence D'Oliveiro wrote:
On Thu, 26 Sep 2024 15:46:13 +1200, Peter Reutemann quoted:

'A critical unauthenticated Remote Code Execution (RCE) vulnerability
has been discovered, impacting all GNU/Linux systems.'
It's a bug in cups-browsed. Details have appeared all over the place, I
found a copy here
<https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1>.

Summary: cups-browsed is listening on UDP port 631 for notifications of
new printers appearing on the network; it blindly trusts the information
it receives, leading to the code execution vulnerability.


That explains the cups updates this morning...

https://www.omgubuntu.co.uk/2024/09/ubuntu-secuity-fix-cups-vulnerability

Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, Hamilton, NZ
Mobile +64 22 190 2375
https://profiles.waikato.ac.nz/peter.reutemann
http://www.data-mining.co.nz/
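
To check whether a host has a socket bound to UDP port 631, the port named in the summary above, the following added example (not part of the original messages) parses the Linux `/proc/net/udp` table. The function names and the sample table are constructed for illustration, and the address decoding assumes a little-endian host.

```python
import ipaddress
import sys

CUPS_BROWSED_PORT = 631  # UDP port named in the summary above

# Constructed sample in /proc/net/udp layout (not captured from a real host).
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456 2 0000000000000000 0
  102: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   101        0 23457 2 0000000000000000 0
  103: 0100007F:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23458 2 0000000000000000 0
"""

def decode_addr(hex_addr):
    """Decode a /proc/net address field (assumes a little-endian host)."""
    raw = bytes.fromhex(hex_addr)
    # The kernel prints each 32-bit word of the address in host byte order.
    words = [raw[i:i + 4][::-1] for i in range(0, len(raw), 4)]
    return ipaddress.ip_address(b"".join(words))

def udp_listeners(proc_text, port=CUPS_BROWSED_PORT):
    """Return [(address, inode, exposed)] for UDP sockets bound to port."""
    found = []
    for line in proc_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue
        hex_addr, hex_port = fields[1].rsplit(":", 1)
        if int(hex_port, 16) != port:
            continue
        addr = decode_addr(hex_addr)
        # "exposed" means bound beyond loopback; firewall rules are not considered.
        found.append((str(addr), int(fields[9]), not addr.is_loopback))
    return found

if __name__ == "__main__":
    # Pass /proc/net/udp and /proc/net/udp6 as arguments on a Linux host;
    # with no arguments the constructed sample is used.
    texts = [open(p).read() for p in sys.argv[1:]] or [SAMPLE_PROC_NET_UDP]
    for text in texts:
        for addr, inode, exposed in udp_listeners(text):
            state = "bound beyond loopback" if exposed else "loopback only"
            print(f"udp/{CUPS_BROWSED_PORT} on {addr} (inode {inode}): {state}")
```

The inode in each result can be matched against the socket links under `/proc/<pid>/fd` to identify the owning process.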