Security update for cups-filters SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3711-1 Final 1 1 2024-10-17T12:33:36Z current 2024-10-17T12:33:36Z 2024-10-17T12:33:36Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for cups-filters This update for cups-filters fixes the following issues: - cups-browsed would bind on UDP INADDR_ANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocols, the previous patch fix for this issue was incomplete (bsc#1230939, bsc#1231294, CVE-2024-47176, CVE-2024-47850) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-3711,SUSE-SLE-SERVER-12-SP5-2024-3711 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243711-1/ Link for SUSE-SU-2024:3711-1 https://lists.suse.com/pipermail/sle-security-updates/2024-October/019654.html E-Mail link for SUSE-SU-2024:3711-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1230939 SUSE Bug 1230939 https://bugzilla.suse.com/1231294 SUSE Bug 1231294 https://www.suse.com/security/cve/CVE-2024-47176/ SUSE CVE CVE-2024-47176 page https://www.suse.com/security/cve/CVE-2024-47850/ SUSE CVE CVE-2024-47850 page SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 cups-filters-1.0.58-19.29.1 cups-filters-cups-browsed-1.0.58-19.29.1 cups-filters-devel-1.0.58-19.29.1 cups-filters-foomatic-rip-1.0.58-19.29.1 cups-filters-ghostscript-1.0.58-19.29.1 cups-filters-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server 12 SP5 cups-filters-cups-browsed-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server 12 SP5 cups-filters-foomatic-rip-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server 12 SP5 cups-filters-ghostscript-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server 12 SP5 cups-filters-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 cups-filters-cups-browsed-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 cups-filters-foomatic-rip-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 cups-filters-ghostscript-1.0.58-19.29.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. CVE-2024-47176 SUSE Linux Enterprise Server 12 SP5:cups-filters-1.0.58-19.29.1 SUSE Linux Enterprise Server 12 SP5:cups-filters-cups-browsed-1.0.58-19.29.1 SUSE Linux Enterprise Server 12 SP5:cups-filters-foomatic-rip-1.0.58-19.29.1 SUSE Linux Enterprise Server 12 SP5:cups-filters-ghostscript-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-cups-browsed-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-foomatic-rip-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-ghostscript-1.0.58-19.29.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243711-1/ https://www.suse.com/security/cve/CVE-2024-47176.html CVE-2024-47176 https://bugzilla.suse.com/1230932 SUSE Bug 1230932 https://bugzilla.suse.com/1230939 SUSE Bug 1230939 CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.) CVE-2024-47850 SUSE Linux Enterprise Server 12 SP5:cups-filters-1.0.58-19.29.1 SUSE Linux Enterprise Server 12 SP5:cups-filters-cups-browsed-1.0.58-19.29.1 SUSE Linux Enterprise Server 12 SP5:cups-filters-foomatic-rip-1.0.58-19.29.1 SUSE Linux Enterprise Server 12 SP5:cups-filters-ghostscript-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-cups-browsed-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-foomatic-rip-1.0.58-19.29.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:cups-filters-ghostscript-1.0.58-19.29.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243711-1/ https://www.suse.com/security/cve/CVE-2024-47850.html CVE-2024-47850 https://bugzilla.suse.com/1231294 SUSE Bug 1231294