Printing vulnerability affecting Linux distros raises alarm

A series of four dangerous flaws in the Common Unix Printing System (Cups) has recently been discovered, causing concern among security professionals because Cups is widely used across operating systems such as GNU/Linux distros, Apple macOS, and Google Chrome/Chromium. These vulnerabilities were identified by researcher Simone Margaritelli, also known as evilsocket, who found that more than 76,000 devices, including 42,000 publicly accessible ones, may be at risk.

The vulnerabilities, tracked as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, could potentially allow remote code execution on vulnerable systems. Attackers can exploit these flaws by adding a malicious Internet Printing Protocol (IPP) URL to a computer as a “ghost” printer and initiating a print job. Saeed Abbasi from the Qualys Threat Research Unit emphasized the critical nature of these vulnerabilities, stating that attackers could gain full control over affected systems without the need for valid credentials.

Given the broad attack surface of GNU/Linux systems in enterprise environments, cloud infrastructure, and critical applications, organizations are advised to assess their exposure risk, limit network access, deactivate non-essential services, and implement strict access controls. Quick patching and thorough testing of patches are recommended to prevent service interruptions.

Comparisons to Log4j?

With a high CVSS score indicating the ease of exploitation, the Cups vulnerabilities have drawn comparisons to the Log4Shell vulnerability in Apache Log4j2. Brian Fox of the Open Source Security Foundation highlighted the potential impact of successful exploitation on various systems running on Linux. Enterprise security teams are advised to proactively identify and patch vulnerable systems to mitigate the risk of attacks.

While fixed versions for the vulnerabilities are yet to be released, impacted users can mitigate the risk by disabling the cups-browsed service and by blocking both traffic to UDP port 631 and DNS-SD traffic. Shachar Menashe from JFrog Security Research recommended these steps until official patches become available.
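To check a host against these interim mitigations, the script below is an added example, not code from the article or from any of the researchers quoted. It assumes a systemd unit named `cups-browsed` and the iproute2 `ss` tool; the sample socket table is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article): check a host against the interim
# mitigations. Assumes a systemd unit "cups-browsed" and iproute2 `ss`.

# Constructed sample of `ss -H -uln` output, used when run without --live.
SAMPLE_SS='UNCONN 0 0 0.0.0.0:631 0.0.0.0:*
UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
UNCONN 0 0 [::1]:631 [::]:*
UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*'

# Read `ss -uln` output on stdin; print local addresses listening on UDP
# port $1 that are reachable from off-host (not bound to loopback).
exposed_udp_listeners() {
    awk -v port="$1" '
    {
        addr = ""
        # The first field containing ":" is Local Address:Port, whether or
        # not ss printed a leading Netid column; header rows fall through.
        for (i = 1; i <= NF; i++) if (index($i, ":")) { addr = $i; break }
        if (addr == "") next
        n = split(addr, parts, ":")
        if (parts[n] != port) next
        host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
        if (host ~ /^127\./ || host ~ /^\[::1\]/) next
        print addr
    }'
}

# Live audit: service state plus the real UDP socket table.
audit_live() {
    if systemctl is-active --quiet cups-browsed 2>/dev/null; then
        echo "cups-browsed: ACTIVE (stop and disable it until patched)"
    else
        echo "cups-browsed: not active"
    fi
    hits=$(ss -H -uln | exposed_udp_listeners 631)
    if [ -n "$hits" ]; then
        echo "UDP 631 reachable on: $hits"
    else
        echo "UDP 631: no non-loopback listener"
    fi
}

if [ "${1:-}" = "--live" ]; then
    audit_live
else
    printf '%s\n' "$SAMPLE_SS" | exposed_udp_listeners 631
fi
```

Run it with `--live` on the host being audited; a listener bound to loopback only is not flagged, since it is not reachable from the network. Passing `5353` to the function checks the mDNS port that carries DNS-SD in the same way.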
