‘Severe’ Security Flaw in CUPS rated 9.9

Ice Tea · 27 Sep 2024 at 08:55

Unauthenticated RCE Flaw With CVSS 9.9 Rating For Linux Systems Affects CUPS - Phoronix

www.phoronix.com

Remote Code Exploit Found in CUPS Printing Stack

If you've cast a half-glazed eye over Linux social media feeds at some point in the past few days you may have caught wind that a huge Linux security flaw

www.omgubuntu.co.uk

Critical Linux bug is CUPS-based remote-code execution hole

No patches yet, can be mitigated, requires user interaction

www.theregister.com

People have been saying for years in security forums that no unused services should ever be left running.

They must feel vindicated.

Kainz · 27 Sep 2024 at 09:57

Just got the CUPS update on Linux Mint to address this.

Ice Tea · 28 Sep 2024 at 09:51

From what I can see on Reddit, Ubuntu Snap sandboxing made sod all difference, even though they promote snaps as helping to contain zero-day exploits.

Which I’m sure comes as no surprise to anyone.

Cob · 28 Sep 2024 at 16:41

Kainz said:
Just got the CUPS update on Linux Mint to address this.

Yip Armbian updated yesterday morning too.