6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
CentOS Errata and Security Advisory CESA-2013:1274
The hplip packages contain the Hewlett-Packard Linux Imaging and Printing
Project (HPLIP), which provides drivers for Hewlett-Packard printers and
multi-function peripherals.
HPLIP communicated with PolicyKit for authorization via a D-Bus API that is
vulnerable to a race condition. This could lead to intended PolicyKit
authorizations being bypassed. This update modifies HPLIP to communicate
with PolicyKit via a different API that is not vulnerable to the race
condition. (CVE-2013-4325)
All users of hplip are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-September/082109.html
Affected packages:
hpijs
hplip
hplip-common
hplip-gui
hplip-libs
libsane-hpaio
Upstream details at:
https://access.redhat.com/errata/RHSA-2013:1274
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | hpijs | < 3.12.4-4.el6_4.1 | hpijs-3.12.4-4.el6_4.1.i686.rpm |
CentOS | 6 | i686 | hplip | < 3.12.4-4.el6_4.1 | hplip-3.12.4-4.el6_4.1.i686.rpm |
CentOS | 6 | i686 | hplip-common | < 3.12.4-4.el6_4.1 | hplip-common-3.12.4-4.el6_4.1.i686.rpm |
CentOS | 6 | i686 | hplip-gui | < 3.12.4-4.el6_4.1 | hplip-gui-3.12.4-4.el6_4.1.i686.rpm |
CentOS | 6 | i686 | hplip-libs | < 3.12.4-4.el6_4.1 | hplip-libs-3.12.4-4.el6_4.1.i686.rpm |
CentOS | 6 | i686 | libsane-hpaio | < 3.12.4-4.el6_4.1 | libsane-hpaio-3.12.4-4.el6_4.1.i686.rpm |
CentOS | 6 | x86_64 | hpijs | < 3.12.4-4.el6_4.1 | hpijs-3.12.4-4.el6_4.1.x86_64.rpm |
CentOS | 6 | x86_64 | hplip | < 3.12.4-4.el6_4.1 | hplip-3.12.4-4.el6_4.1.x86_64.rpm |
CentOS | 6 | x86_64 | hplip-common | < 3.12.4-4.el6_4.1 | hplip-common-3.12.4-4.el6_4.1.x86_64.rpm |
CentOS | 6 | x86_64 | hplip-gui | < 3.12.4-4.el6_4.1 | hplip-gui-3.12.4-4.el6_4.1.x86_64.rpm |