RHSA-2023:3426: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.
Red Hat Security Data

Synopsis

Important: cups-filters security update

Type/Severity

Security Advisory: Important

Topic

An update for cups-filters is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently.

Security Fix(es):

  • cups-filters: remote code execution in cups-filters, beh CUPS backend (CVE-2023-24805)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

  • BZ - 2203051 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

x86_64

  • cups-filters-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

x86_64

  • cups-filters-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

s390x

  • cups-filters-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.s390x.rpm

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

ppc64le

  • cups-filters-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.ppc64le.rpm

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

x86_64

  • cups-filters-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

aarch64

  • cups-filters-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.aarch64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

ppc64le

  • cups-filters-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

  • cups-filters-1.20.0-27.el8_6.1.src.rpm

x86_64

  • cups-filters-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

x86_64

  • cups-filters-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-devel-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-devel-1.20.0-27.el8_6.1.x86_64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.i686.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.x86_64.rpm

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

ppc64le

  • cups-filters-debuginfo-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-devel-1.20.0-27.el8_6.1.ppc64le.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.ppc64le.rpm

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

s390x

  • cups-filters-debuginfo-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-devel-1.20.0-27.el8_6.1.s390x.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.s390x.rpm

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

aarch64

  • cups-filters-debuginfo-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-debugsource-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-devel-1.20.0-27.el8_6.1.aarch64.rpm
  • cups-filters-libs-debuginfo-1.20.0-27.el8_6.1.aarch64.rpm

Related news

Red Hat Security Advisory 2023-3428-01

Red Hat Security Advisory 2023-3428-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-3425-01

Red Hat Security Advisory 2023-3425-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-3429-02

Red Hat Security Advisory 2023-3429-02 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-3426-01

Red Hat Security Advisory 2023-3426-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-3423-01

Red Hat Security Advisory 2023-3423-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.

RHSA-2023:3428: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.

RHSA-2023:3427: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.

RHSA-2023:3424: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2023-24805: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution.

Debian Security Advisory 5407-1

Debian Linux Security Advisory 5407-1 - It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands.

CVE-2023-24805: report a command inject Vulnerabilities in cups-filters

cups-filters contains backends, filters, and other software required to get the CUPS printing service working on operating systems other than macOS. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;`, which calls `system` with the operand `cmdline`. `cmdline` contains multiple user-controlled, unsanitized values. As a result, an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands, which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.
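
The `system(cmdline)` pattern described above, shown beside a call that avoids the shell. This is an added example, not code from cups-filters: the stand-in backend (`true`), the function names, the `job_title` parameter and the constructed title string are all assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for the wrapped backend (assumption): `true` ignores its
 * arguments and exits 0, so any other exit status came from the shell. */
#define BACKEND "true"

/* Vulnerable pattern: format a shell command line and pass it to system().
 * Quoting %s does not help, because the value itself can contain a quote. */
int run_with_system(const char *job_title)
{
    char cmdline[512];
    snprintf(cmdline, sizeof(cmdline), "%s '%s'", BACKEND, job_title);
    int status = system(cmdline);
    return status >> 8;      /* same exit-status extraction as the quoted line */
}

/* Hardened pattern: no shell. The value is one argv element and is never
 * parsed, whatever characters it contains. */
int run_with_exec(const char *job_title)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)BACKEND, (char *)job_title, NULL };
        execvp(BACKEND, argv);
        _exit(127);          /* only reached if exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Constructed job title: closes the opening quote, after which the shell
 * treats the rest as further commands. `exit 7` is a harmless marker. */
static const char CONSTRUCTED_TITLE[] = "report'; exit 7; echo '";

int main(void)
{
    printf("plain title, system():   %d\n", run_with_system("report"));
    printf("crafted title, system(): %d\n", run_with_system(CONSTRUCTED_TITLE));
    printf("crafted title, exec:     %d\n", run_with_exec(CONSTRUCTED_TITLE));
    return 0;
}
```

An exit status of 7 from the `system()` path shows that the shell interpreted part of the title as a command; the `execvp()` path returns the backend's own status because the title reaches it as a single literal argument.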