Headline
RHSA-2023:3428: Red Hat Security Advisory: cups-filters security update
An update for cups-filters is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-06-02
Updated:
2023-06-02
RHSA-2023:3428 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: cups-filters security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for cups-filters is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently.
Security Fix(es):
- cups-filters: remote code execution in cups-filters, beh CUPS backend (CVE-2023-24805)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2203051 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
cups-filters-1.20.0-19.el8_2.1.src.rpm
SHA-256: 46f67970fe64c91e36d2780b0d56165c974a46d4f2e8695e6744270a139b0f4b
x86_64
cups-filters-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 3cb7ba83082b50ff0c49a1ee8a8ccc99433d7a143f5cd714e87fa9aa1b29bfb1
cups-filters-debuginfo-1.20.0-19.el8_2.1.i686.rpm
SHA-256: a05599c4687ff82f13dcd50b9a005aae7e5f8ced05cc65879e9e1be2b7b7acf6
cups-filters-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 0f94926dcb4ad0035f43e11a081c5922906b6e20dd2f7d282953362cf80f5258
cups-filters-debugsource-1.20.0-19.el8_2.1.i686.rpm
SHA-256: f30db1516ed76ee05a981229cd70942b42a92668052e7237fc9a22e4d328e54c
cups-filters-debugsource-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 7d535d21949703f4ccaec9bd5748a2156b81acc38877be290b23faa46e0d1918
cups-filters-libs-1.20.0-19.el8_2.1.i686.rpm
SHA-256: 124ca41af563f0159c28381d7f9781d76b7f3ced0a9cd918f9768a0bfda0c3c2
cups-filters-libs-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 71c8cde22de2c4d5858dbe6ff2f8fd5740e8fd9f68b3554c7b82fed8791b3d6e
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.i686.rpm
SHA-256: 75bf03eab44eaed1954e43d33fb5e063fa216181e4439bbc6be311b447317271
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: e3b2333f6f523e8870f1f81a30db7a02585282106349c2b59b13996c6483422c
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
cups-filters-1.20.0-19.el8_2.1.src.rpm
SHA-256: 46f67970fe64c91e36d2780b0d56165c974a46d4f2e8695e6744270a139b0f4b
x86_64
cups-filters-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 3cb7ba83082b50ff0c49a1ee8a8ccc99433d7a143f5cd714e87fa9aa1b29bfb1
cups-filters-debuginfo-1.20.0-19.el8_2.1.i686.rpm
SHA-256: a05599c4687ff82f13dcd50b9a005aae7e5f8ced05cc65879e9e1be2b7b7acf6
cups-filters-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 0f94926dcb4ad0035f43e11a081c5922906b6e20dd2f7d282953362cf80f5258
cups-filters-debugsource-1.20.0-19.el8_2.1.i686.rpm
SHA-256: f30db1516ed76ee05a981229cd70942b42a92668052e7237fc9a22e4d328e54c
cups-filters-debugsource-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 7d535d21949703f4ccaec9bd5748a2156b81acc38877be290b23faa46e0d1918
cups-filters-libs-1.20.0-19.el8_2.1.i686.rpm
SHA-256: 124ca41af563f0159c28381d7f9781d76b7f3ced0a9cd918f9768a0bfda0c3c2
cups-filters-libs-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 71c8cde22de2c4d5858dbe6ff2f8fd5740e8fd9f68b3554c7b82fed8791b3d6e
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.i686.rpm
SHA-256: 75bf03eab44eaed1954e43d33fb5e063fa216181e4439bbc6be311b447317271
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: e3b2333f6f523e8870f1f81a30db7a02585282106349c2b59b13996c6483422c
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
cups-filters-1.20.0-19.el8_2.1.src.rpm
SHA-256: 46f67970fe64c91e36d2780b0d56165c974a46d4f2e8695e6744270a139b0f4b
ppc64le
cups-filters-1.20.0-19.el8_2.1.ppc64le.rpm
SHA-256: 1019abb0bc760862ec5dae64863deb6f9400b7fa417796f5f80dd74b52e3979d
cups-filters-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm
SHA-256: 197860fc585e0cf04b4f266b1282fd65d80a69dabf303a8e1c625e5ca376a97a
cups-filters-debugsource-1.20.0-19.el8_2.1.ppc64le.rpm
SHA-256: df7e0cc02077b8eb0853ec9fb679388ae7559418a1ea3acb56881739b1692e64
cups-filters-libs-1.20.0-19.el8_2.1.ppc64le.rpm
SHA-256: fdee2f6272b2dde2c03dbd14e76e942a4917e0f2eea4d20cff4613bb8253d6ed
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.ppc64le.rpm
SHA-256: 517724c23d663dd36214af4e3563231eaf0bb666d817eaebbddb7229c6dc0618
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
cups-filters-1.20.0-19.el8_2.1.src.rpm
SHA-256: 46f67970fe64c91e36d2780b0d56165c974a46d4f2e8695e6744270a139b0f4b
Download
x86_64
cups-filters-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 3cb7ba83082b50ff0c49a1ee8a8ccc99433d7a143f5cd714e87fa9aa1b29bfb1
Download
cups-filters-debuginfo-1.20.0-19.el8_2.1.i686.rpm
SHA-256: a05599c4687ff82f13dcd50b9a005aae7e5f8ced05cc65879e9e1be2b7b7acf6
Download
cups-filters-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 0f94926dcb4ad0035f43e11a081c5922906b6e20dd2f7d282953362cf80f5258
Download
cups-filters-debugsource-1.20.0-19.el8_2.1.i686.rpm
SHA-256: f30db1516ed76ee05a981229cd70942b42a92668052e7237fc9a22e4d328e54c
Download
cups-filters-debugsource-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 7d535d21949703f4ccaec9bd5748a2156b81acc38877be290b23faa46e0d1918
Download
cups-filters-libs-1.20.0-19.el8_2.1.i686.rpm
SHA-256: 124ca41af563f0159c28381d7f9781d76b7f3ced0a9cd918f9768a0bfda0c3c2
Download
cups-filters-libs-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: 71c8cde22de2c4d5858dbe6ff2f8fd5740e8fd9f68b3554c7b82fed8791b3d6e
Download
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.i686.rpm
SHA-256: 75bf03eab44eaed1954e43d33fb5e063fa216181e4439bbc6be311b447317271
Download
cups-filters-libs-debuginfo-1.20.0-19.el8_2.1.x86_64.rpm
SHA-256: e3b2333f6f523e8870f1f81a30db7a02585282106349c2b59b13996c6483422c
Download
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
- Have feedback? Tell us what you think
- If you need assistance, contact Customer Service
Related news
Gentoo Linux Security Advisory 202401-6 - A vulnerability has been found in CUPS filters where remote code execution is possible via the beh filter. Versions greater than or equal to 1.28.17-r2 are affected.
Ubuntu Security Notice 6083-2 - USN-6083-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS. It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code.
Red Hat Security Advisory 2023-3428-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3425-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3429-02 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3426-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3423-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
An update for cups-filters is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
An update for cups-filters is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
An update for cups-filters is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
An update for cups-filters is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
Debian Linux Security Advisory 5407-1 - It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands.
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.