Headline
Ubuntu Security Notice USN-6128-2
Ubuntu Security Notice 6128-2 - USN-6128-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
==========================================================================Ubuntu Security Notice USN-6128-2June 01, 2023cups vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 LTS (Available with Ubuntu Pro)Summary:CUPS could be made to crash or run programs if it received speciallycrafted network traffic.Software Description:- cups: Common UNIX Printing System(tm)Details:USN-6128-1 fixed a vulnerability in CUPS. This update providesthe corresponding update for Ubuntu 16.04 ESM.Original advisory details: It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 LTS (Available with Ubuntu Pro): cups 2.1.3-4ubuntu0.11+esm2In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6128-2 https://ubuntu.com/security/notices/USN-6128-1 CVE-2023-32324Related news
Red Hat Security Advisory 2024-1409-03 - An update for cups is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, denial of service, and use-after-free vulnerabilities.
Gentoo Linux Security Advisory 202402-17 - Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 2.4.7 are affected.
Red Hat Security Advisory 2023-7165-01 - An update for cups is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, and use-after-free vulnerabilities.
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
Ubuntu Security Notice 6128-1 - It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.