Fellow Linux admins -

It was recently discovered that CUPS contains a critical vulnerability that allows remote attackers to take control of affected devices. This is about more than just losing the ability to print: if you've enabled network printing or have potentially untrusted local users, you should be ready for what could be a very bad day.

This vuln ranks nearly ten out of ten on the threat scale, right up there with the recent widespread OpenSSH exploit that allowed remote attackers to execute code as root. 

What’s even more alarming is the vast number of potential victims. This flaw could impact hundreds of thousands of devices, spanning most Linux distributions, certain BSDs, ChromeOS, Solaris, and countless other systems using CUPS. Read on to learn how to determine if your system is affected and what you can do to stop it.

You'll also learn about several impactful security vulnerabilities recently found in Chromium that could enable attackers to steal information, install malware, or manipulate system behavior.

If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!

Stay safe out there,

Brittany

CUPS

The Discovery 

It was recently discovered that CUPS contains a critical vulnerability that allows remote attackers to take control of affected devices. The issue is tracked under four CVEs: CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters).


The Impact

This bug could result in unauthorized access and data theft through system takeover, disrupting essential infrastructure services reliant on Linux systems.

The Fix

Distros have released critical CUPS security updates to mitigate these issues. We urge you to apply these updates immediately to secure your Linux systems and sensitive data.


Chromium

The Discovery 

Several impactful security vulnerabilities were recently found in the Chromium open-source web browser project, which is the basis of Chrome and many other widely used browsers. The most severe is a type confusion bug that allows attackers to execute malicious code.


The Impact

Exploiting these flaws could enable attackers to steal information, install malware, or manipulate system behavior.

The Fix

Distros have released critical Chromium bug fixes to mitigate these flaws. We urge you to apply these updates immediately to secure your Linux systems and sensitive data.
