
Linux ‘Severe’ Security Flaw in CUPS rated 9.9

Discussion in 'Software' started by Ice Tea, 27 Sep 2024.

  1. Ice Tea

    Ice Tea Minimodder

    Joined:
    26 Jul 2009
    Posts:
    908
    Likes Received:
    66
  2. andrew8200m

    andrew8200m Multimodder

    Joined:
    4 May 2009
    Posts:
    2,672
    Likes Received:
    321
    Embargo on the issue… the reality is those aware of it and inside the confines of the embargo are probably the same people selling the info surrounding the flaw that is then used for malicious intent. If they made it public knowledge rather than sticking embargoes on it you could have had thousands move to a secondary system without this requirement or made use of a workaround such as a block to UDP port 631 as noted.

    There’s nothing new with this sort of behaviour though and that’s the main issue!!
     
  3. The_Crapman

    The_Crapman World's worst stuntman. Lover of bit-tech

    Joined:
    5 Dec 2011
    Posts:
    7,912
    Likes Received:
    4,170
    But it's a made up game!?
     
  4. Ice Tea

    Ice Tea Minimodder

    Joined:
    26 Jul 2009
    Posts:
    908
    Likes Received:
    66
    From what I can see on Reddit, Ubuntu Snap sandboxing made sod all difference, even though they promote snaps as helping to contain zero-day exploits.

    Which I’m sure comes as no surprise to anyone.
     
  5. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,381
    Likes Received:
    7,215
    CUPS isn't really something you can sandbox, sadly.
     
  6. Ice Tea

    Ice Tea Minimodder

    Joined:
    26 Jul 2009
    Posts:
    908
    Likes Received:
    66
    They are introducing a new Snaps security centre so I don't know if there will be finer controls over Snaps' LAN and WAN access.
     
  7. yuusou

    yuusou Multimodder

    Joined:
    5 Nov 2006
    Posts:
    2,952
    Likes Received:
    1,030
    Snaps can burn in hell. So can Flatpak. So can AppImage. Honestly containers aren't far behind, neither are *BSD jails. The overhead is astounding. Then the owners of these projects try to do some funky workarounds by separating out the underlying libraries like Qt or GTK into separate packaging, defeating the whole point of these glorified cgroups in a box.
    /rant
     
  8. Ice Tea

    Ice Tea Minimodder

    Joined:
    26 Jul 2009
    Posts:
    908
    Likes Received:
    66
    https://www.theregister.com/2024/10/07/critical_cups_vulnerability_chain_easy/

    The critical vulnerability in the Common Unix Printing System (CUPS) reported last week might have required some very particular circumstances to exploit, but Akamai researchers are warning the same vulnerabilities can easily be exploited for mass DDoS attacks.

    As we reported near the end of September when the vulnerabilities were made public, there are a series of four CVEs in CUPS that, when chained together, can allow a remote attacker to commandeer a victim's machine. Of course, there are some limitations: It only works if you're running CUPS with cups-browsed enabled, and can only be exploited when a print job is started.

    Send a carefully crafted packet to a vulnerable CUPS server, and none of those special conditions are needed to wreak havoc: if an attacker asks a CUPS server to treat the target of a DDoS request like a printer to be added, all bandwidth hell breaks loose.

    "For each packet sent, the vulnerable CUPS server will generate a larger and partially attacker-controlled IPP/HTTP request directed at the specified target," Akamai researchers said. "As a result, not only is the target affected, but the host of the CUPS server also becomes a victim, as the attack consumes its network bandwidth and CPU resources."
     
  9. yuusou

    yuusou Multimodder

    Joined:
    5 Nov 2006
    Posts:
    2,952
    Likes Received:
    1,030
    That starts to give the CVE score more sense. I bet there are thousands of Linux-based home gateways out there that have never seen a firmware update and potentially have CUPS and cups-browsed installed.
     
    Ice Tea likes this.
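
A local exposure check related to the workaround mentioned in reply 2 (blocking UDP port 631) and the cups-browsed condition in the article quoted in reply 8, added here as an example and not code from any poster or from the CUPS project. It parses the kernel's `/proc/net/udp` and `/proc/net/udp6` tables and reports sockets bound to UDP 631 on a non-loopback address; the function names and the sample table are constructed for illustration, and the address decoding assumes a little-endian host.

```python
import ipaddress

WATCHED_PORT = 631  # UDP port the thread's workaround blocks

# Constructed sample in /proc/net/udp layout: header plus three sockets.
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456 2 0000000000000000 0
  102: 0100007F:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23457 2 0000000000000000 0
  103: 00000000:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000   112        0 23458 2 0000000000000000 0
"""

def decode_addr(hex_addr):
    """Decode a /proc/net address: 32-bit words printed in host byte order
    (assumed little-endian here), so each 4-byte group is reversed."""
    raw = bytes.fromhex(hex_addr)
    raw = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    if len(raw) == 4:
        return ipaddress.IPv4Address(raw)
    return ipaddress.IPv6Address(raw)

def exposed_udp_binds(proc_text, port=WATCHED_PORT):
    """Return [(address, inode)] for UDP sockets bound to `port` on any
    address other than loopback (wildcard binds count as exposed)."""
    hits = []
    for line in proc_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue
        hex_addr, hex_port = fields[1].rsplit(":", 1)
        if int(hex_port, 16) != port or len(hex_addr) not in (8, 32):
            continue
        addr = decode_addr(hex_addr)
        if not addr.is_loopback:
            hits.append((str(addr), int(fields[9])))  # field 9 is the inode
    return hits

if __name__ == "__main__":
    for table in ("/proc/net/udp", "/proc/net/udp6"):
        try:
            with open(table) as fh:
                text = fh.read()
        except OSError:
            text = SAMPLE_PROC_NET_UDP           # fall back to the sample
        for addr, inode in exposed_udp_binds(text):
            print(f"{table}: UDP {WATCHED_PORT} bound on {addr} (inode {inode})")
```

An empty result only means nothing is bound to the port on this host; whether the port is reachable from outside still depends on the firewall in front of it.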
