Ubuntu Security Notice 7044-1 - Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.
d4563f3697d6676917894763df709e3f207c74657933f144dfdf4c80edeb0d33
==========================================================================
Ubuntu Security Notice USN-7044-1
September 26, 2024
libcupsfilters vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
libcupsfilters could be made to run programs if it received specially
crafted network traffic.
Software Description:
- libcupsfilters: OpenPrinting libcupsfilters
Details:
Simone Margaritelli discovered that libcupsfilters incorrectly sanitized
IPP data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
libcupsfilters2-common 2.0.0-0ubuntu7.1
libcupsfilters2t64 2.0.0-0ubuntu7.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7044-1
CVE-2024-47076
Package Information:
https://launchpad.net/ubuntu/+source/libcupsfilters/2.0.0-0ubuntu7.1