Connect with us

Tech News

Printing vulnerability affecting Linux distros raises alarm

Published

on

Printing vulnerability affecting Linux distros raises alarm

A series of four dangerous flaws in the Common Unix Printing System (Cups) has been recently discovered, causing concern among security professionals due to its widespread use across various operating systems such as GNU/Linux distros, Apple macOS, and Google Chrome/Chromium. These vulnerabilities were identified by researcher Simone Margaritelli, also known as evilsocket, who found that more than 76,000 devices, including 42,000 publicly accessible ones, may be at risk.

The vulnerabilities, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could potentially allow remote code execution on vulnerable systems. Attackers can exploit these flaws by adding a malicious Internet Printing Protocol (IPP) URL to a computer as a “ghost” printer and initiating a print job. Saeed Abbasi from the Qualys Threat Research Unit emphasized the critical nature of these vulnerabilities, stating that attackers could gain full control over affected systems without the need for valid credentials.

Given the broad attack surface of GNU/Linux systems in enterprise environments, cloud infrastructure, and critical applications, organizations are advised to assess their exposure risk, limit network access, deactivate non-essential services, and implement strict access controls. Quick patching and thorough testing of patches are recommended to prevent service interruptions.

Comparisons to Log4j?

With a high CVSS score indicating the ease of exploitation, the Cups vulnerabilities have drawn comparisons to the Log4Shell vulnerability in Apache Log4j2. Brian Fox of the Open Source Security Foundation highlighted the potential impact of successful exploitation on various systems running on Linux. Enterprise security teams are advised to proactively identify and patch vulnerable systems to mitigate the risk of attacks.

See also  Watch Out For The ‘0.0.0.0 Day’ Flaw Affecting Web Browsers

While fixed versions for the vulnerabilities are yet to be released, impacted users can take measures to mitigate the risk by disabling the Cups-browsed service, blocking traffic to UDP port 631, and DNS-SD traffic. Shachar Menashe from JFrog Security Research recommended these steps until official patches become available.

Trending