Doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices \ stacker news ~security

pull down to refresh

Doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices www.theregister.com/AMP/2024/09/26/cups_linux_rce_disclosed/

296 sats \ 3 comments \ @ch0k1 27 Sep security

After days of anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.

In short, if you're running the Unix printing system CUPS, with cups-browsed present and enabled, you may be vulnerable to attacks that could lead to your computer being commandeered over the network or internet. The attacks require the victim to start a print job. Do not be afraid.

view all related items

120 sats \ 0 replies \ @ken 27 Sep

The attacks require the victim to start a print job.

Well, at least my dad is safe. He called me the other day to help him maximize his web browser's window.

22 sats \ 0 replies \ @freetx 27 Sep

requires having port 631 exposed to LAN or internet.....

0 sats \ 0 replies \ @Malachi17T 28 Sep

Who has port 631 exposed to the public internet?

The lan attack where someone "may be able to spoof" is of course more of an issue, but "may be able to spoof" is not the same as "Can totally spoof with ease".

It is odd that the Cups people didn't want to address these matters, though.