Headline
RHSA-2023:3427: Red Hat Security Advisory: cups-filters security update
An update for cups-filters is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
Synopsis
Important: cups-filters security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for cups-filters is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently.
Security Fix(es):
- cups-filters: remote code execution in cups-filters, beh CUPS backend (CVE-2023-24805)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Fixes
- BZ - 2203051 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
x86_64
cups-filters-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 67e5a286518160d69f60567f181fb7c6d7df267f8872fe6889bd9274340664d9
cups-filters-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: 0dbaff0f287d33afddcb649c6f2c99bb9d5c9bbcef43c3b45c265ef6e0257fdf
cups-filters-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 85749526849bd3cd89e642f531cd91ed040f40cd4bc00aef9f44db6a2607fffa
cups-filters-debugsource-1.20.0-24.el8_4.1.i686.rpm
SHA-256: a6bc35c3acde8ce0f392098c398b38d1e5b04073bc99d315174729a0f6005d21
cups-filters-debugsource-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 3d4877a6f73956e33797ff167674c6881780d21f7e84c63837549edf416f690b
cups-filters-libs-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d9c67e3fede9104dfe1aa1ae55cc43f7e5b7fbb1f67d09ee0a88f9a543dfccfa
cups-filters-libs-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: d185cb615046f62e68fde6efdb57a5d366acc3b0beb71b8a1a9373b22fb1c4e5
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d1f137ea62dc28695c5be5fd5292f0c78d66f7ea88c02566d3a2a6e6eee492b0
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: f0d69a5849a6d8a59d7b819bb66afbe0dffde4f5eac751c730ca0431aff2ab26
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
x86_64
cups-filters-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 67e5a286518160d69f60567f181fb7c6d7df267f8872fe6889bd9274340664d9
cups-filters-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: 0dbaff0f287d33afddcb649c6f2c99bb9d5c9bbcef43c3b45c265ef6e0257fdf
cups-filters-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 85749526849bd3cd89e642f531cd91ed040f40cd4bc00aef9f44db6a2607fffa
cups-filters-debugsource-1.20.0-24.el8_4.1.i686.rpm
SHA-256: a6bc35c3acde8ce0f392098c398b38d1e5b04073bc99d315174729a0f6005d21
cups-filters-debugsource-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 3d4877a6f73956e33797ff167674c6881780d21f7e84c63837549edf416f690b
cups-filters-libs-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d9c67e3fede9104dfe1aa1ae55cc43f7e5b7fbb1f67d09ee0a88f9a543dfccfa
cups-filters-libs-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: d185cb615046f62e68fde6efdb57a5d366acc3b0beb71b8a1a9373b22fb1c4e5
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d1f137ea62dc28695c5be5fd5292f0c78d66f7ea88c02566d3a2a6e6eee492b0
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: f0d69a5849a6d8a59d7b819bb66afbe0dffde4f5eac751c730ca0431aff2ab26
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
s390x
cups-filters-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: b14c306f2d61bba3280bfeeaae307b5872524722e0062fb366096d4f7301a80f
cups-filters-debuginfo-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: 60242396641be0e25e727e1db7457c290e3b478ca2e08c81d4ff68adf954409c
cups-filters-debugsource-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: dd18cb6b3c3445ababd8511aea1f33ab0b718221faaed74c922fa9cb9e45c5d9
cups-filters-libs-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: 1612e1e19bad9b5fc462a765f829de41a3af9161d112e37de42b48c5e9e5a10b
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: b306cd0429a474c7bcd5c8e9202bab4bad445cf1e9362a9030a0dcda02b3382d
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
ppc64le
cups-filters-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: 6a16e7ed09832dcb26f259635ba7ed454c49c9ca630f12e93f4c721d6612fb6b
cups-filters-debuginfo-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: bd71843a2a51dbb029fcb69f06ee430d78ca2c80b5a0c03696e6a77a2a962149
cups-filters-debugsource-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: cf97fa11cce717bac2ec0fcd3795f9b5b4bfe3c5f9e46ec90de9e2db1b335ea9
cups-filters-libs-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: fb4267b2f547939cfbb90da2a8c6985a65d56dc77cd0b3df1475c1d6bc591c7d
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: 42712994a531f74f2acbb946aad3e3005125a690188ca90b90b9feaf6ffd6b22
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
x86_64
cups-filters-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 67e5a286518160d69f60567f181fb7c6d7df267f8872fe6889bd9274340664d9
cups-filters-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: 0dbaff0f287d33afddcb649c6f2c99bb9d5c9bbcef43c3b45c265ef6e0257fdf
cups-filters-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 85749526849bd3cd89e642f531cd91ed040f40cd4bc00aef9f44db6a2607fffa
cups-filters-debugsource-1.20.0-24.el8_4.1.i686.rpm
SHA-256: a6bc35c3acde8ce0f392098c398b38d1e5b04073bc99d315174729a0f6005d21
cups-filters-debugsource-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 3d4877a6f73956e33797ff167674c6881780d21f7e84c63837549edf416f690b
cups-filters-libs-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d9c67e3fede9104dfe1aa1ae55cc43f7e5b7fbb1f67d09ee0a88f9a543dfccfa
cups-filters-libs-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: d185cb615046f62e68fde6efdb57a5d366acc3b0beb71b8a1a9373b22fb1c4e5
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d1f137ea62dc28695c5be5fd5292f0c78d66f7ea88c02566d3a2a6e6eee492b0
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: f0d69a5849a6d8a59d7b819bb66afbe0dffde4f5eac751c730ca0431aff2ab26
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
aarch64
cups-filters-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 3aedfd27fcbd1e80b05b3a1845278f7b260550f1274c9324d16fb0f73018bbd0
cups-filters-debuginfo-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 74e67a31c2da39e0d9f80624f8a0a7699ca34182e2890190c3bec96e146fbd91
cups-filters-debugsource-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 649ba43be462f66f3e0e2ebf1187ed12df1f15c7a9ed2e3ae91d3e6e5700f1ef
cups-filters-libs-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 5e9453f82397bea223f1e245ea23f1cba258a0789fa040e32f1030a01e1990be
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: a71c79dccca9cca6c037fda6ed4d5d3cbb3b03df2c629caff481e96c766fbee5
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
ppc64le
cups-filters-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: 6a16e7ed09832dcb26f259635ba7ed454c49c9ca630f12e93f4c721d6612fb6b
cups-filters-debuginfo-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: bd71843a2a51dbb029fcb69f06ee430d78ca2c80b5a0c03696e6a77a2a962149
cups-filters-debugsource-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: cf97fa11cce717bac2ec0fcd3795f9b5b4bfe3c5f9e46ec90de9e2db1b335ea9
cups-filters-libs-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: fb4267b2f547939cfbb90da2a8c6985a65d56dc77cd0b3df1475c1d6bc591c7d
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: 42712994a531f74f2acbb946aad3e3005125a690188ca90b90b9feaf6ffd6b22
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM
cups-filters-1.20.0-24.el8_4.1.src.rpm
SHA-256: 4e275cdf1cacada32e69cd84bddc1146ac9bfc8a93b7f3955e19c05c3dd335ad
x86_64
cups-filters-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 67e5a286518160d69f60567f181fb7c6d7df267f8872fe6889bd9274340664d9
cups-filters-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: 0dbaff0f287d33afddcb649c6f2c99bb9d5c9bbcef43c3b45c265ef6e0257fdf
cups-filters-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 85749526849bd3cd89e642f531cd91ed040f40cd4bc00aef9f44db6a2607fffa
cups-filters-debugsource-1.20.0-24.el8_4.1.i686.rpm
SHA-256: a6bc35c3acde8ce0f392098c398b38d1e5b04073bc99d315174729a0f6005d21
cups-filters-debugsource-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 3d4877a6f73956e33797ff167674c6881780d21f7e84c63837549edf416f690b
cups-filters-libs-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d9c67e3fede9104dfe1aa1ae55cc43f7e5b7fbb1f67d09ee0a88f9a543dfccfa
cups-filters-libs-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: d185cb615046f62e68fde6efdb57a5d366acc3b0beb71b8a1a9373b22fb1c4e5
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d1f137ea62dc28695c5be5fd5292f0c78d66f7ea88c02566d3a2a6e6eee492b0
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: f0d69a5849a6d8a59d7b819bb66afbe0dffde4f5eac751c730ca0431aff2ab26
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4
SRPM
x86_64
cups-filters-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: 0dbaff0f287d33afddcb649c6f2c99bb9d5c9bbcef43c3b45c265ef6e0257fdf
cups-filters-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 85749526849bd3cd89e642f531cd91ed040f40cd4bc00aef9f44db6a2607fffa
cups-filters-debugsource-1.20.0-24.el8_4.1.i686.rpm
SHA-256: a6bc35c3acde8ce0f392098c398b38d1e5b04073bc99d315174729a0f6005d21
cups-filters-debugsource-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: 3d4877a6f73956e33797ff167674c6881780d21f7e84c63837549edf416f690b
cups-filters-devel-1.20.0-24.el8_4.1.i686.rpm
SHA-256: 446922b7b6a68e8b14760c95a76c5f99d9f5943be67d5c15c7be70560ed5da1d
cups-filters-devel-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: f1a7915997a7ef2db5c5ea85883cd28e9014668c369d4abd9970e8d54342eae0
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.i686.rpm
SHA-256: d1f137ea62dc28695c5be5fd5292f0c78d66f7ea88c02566d3a2a6e6eee492b0
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.x86_64.rpm
SHA-256: f0d69a5849a6d8a59d7b819bb66afbe0dffde4f5eac751c730ca0431aff2ab26
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4
SRPM
ppc64le
cups-filters-debuginfo-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: bd71843a2a51dbb029fcb69f06ee430d78ca2c80b5a0c03696e6a77a2a962149
cups-filters-debugsource-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: cf97fa11cce717bac2ec0fcd3795f9b5b4bfe3c5f9e46ec90de9e2db1b335ea9
cups-filters-devel-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: 9e22dd14bf8ab6b21160e4e8b8824a8e131419467d8790ed83ab88cb0224d5d6
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.ppc64le.rpm
SHA-256: 42712994a531f74f2acbb946aad3e3005125a690188ca90b90b9feaf6ffd6b22
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4
SRPM
s390x
cups-filters-debuginfo-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: 60242396641be0e25e727e1db7457c290e3b478ca2e08c81d4ff68adf954409c
cups-filters-debugsource-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: dd18cb6b3c3445ababd8511aea1f33ab0b718221faaed74c922fa9cb9e45c5d9
cups-filters-devel-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: f411ad5d80c44535866bc176648c6775879ffb79c7d43a7631330a152cc0c6bf
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.s390x.rpm
SHA-256: b306cd0429a474c7bcd5c8e9202bab4bad445cf1e9362a9030a0dcda02b3382d
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4
SRPM
aarch64
cups-filters-debuginfo-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 74e67a31c2da39e0d9f80624f8a0a7699ca34182e2890190c3bec96e146fbd91
cups-filters-debugsource-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 649ba43be462f66f3e0e2ebf1187ed12df1f15c7a9ed2e3ae91d3e6e5700f1ef
cups-filters-devel-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: 1b17c951710ce82c3064feb881a152f315a31ff85de28df96a1aa12f40b008bc
cups-filters-libs-debuginfo-1.20.0-24.el8_4.1.aarch64.rpm
SHA-256: a71c79dccca9cca6c037fda6ed4d5d3cbb3b03df2c629caff481e96c766fbee5
Related news
Ubuntu Security Notice 6083-2 - USN-6083-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS. It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code.
Red Hat Security Advisory 2023-3428-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3425-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3429-02 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3426-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3423-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
An update for cups-filters is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
An update for cups-filters is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
An update for cups-filters is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
An update for cups-filters is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
Debian Linux Security Advisory 5407-1 - It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands.
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.