CVE-2024-47076

CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
GitHub_MCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Debian logo
Debian Releases
Debian Product
Codename
cups-filters
bullseye
vulnerable
bullseye (security)
1.28.7-1+deb11u3
fixed
bookworm
1.28.17-3+deb12u1
fixed
bookworm (security)
1.28.17-3+deb12u1
fixed
sid
1.28.17-6
fixed
trixie
1.28.17-6
fixed
libcupsfilters
sid
2.0.0-3
fixed
trixie
2.0.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cups-filters
plucky
not-affected
oracular
not-affected
noble
not-affected
jammy
Fixed 1.28.15-0ubuntu1.3
released
focal
Fixed 1.27.4-1ubuntu0.3
released
bionic
needs-triage
xenial
needs-triage
libcupsfilters
plucky
Fixed 2.1~b1-0ubuntu3
released
oracular
Fixed 2.1~b1-0ubuntu3
released
noble
Fixed 2.0.0-0ubuntu7.1
released
jammy
dne
focal
dne
Common Weakness Enumeration
References
https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47
https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5
https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6
https://www.cups.org
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I
https://github.com/OpenPrinting/libcupsfilters/commit/95576ec3d20c109332d14672a807353cdc551018