Important: Red Hat Security Advisory: cups-filters security update

An update for cups-filters is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

The vulnerability of the ppdCreatePPDFromIPP2 function in the libppd library of the CUPS printing server allows a attacker to write arbitrary data.

The vulnerability of the ppdCreatePPDFromIPP2 function in the libppd library of the CUPS printing server is related to the lack of measures taken to eliminate special elements used in the OS command. Exploiting this vulnerability allows a remote attacker to write arbitrary data into the final PPD...

[SECURITY] Fedora 40 Update: libppd-2.1~b1-2.fc40

Libppd provides all PPD related function/API which is going to be removed from CUPS 3.X, but are still required for retro-fitting support of legacy printers. The library is meant only for retro-fitting printer applications, any new printer drivers have to be written as native printer application...

Fedora 39 : cups / cups-browsed / libcupsfilters / libppd (2024-cf6ab63871)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-cf6ab63871 advisory. Fix for remote vulnerabilities against OpenPrinting cups-filters Tenable has extracted the preceding description block directly from the Fedora...

K000141223: OpenPrinting CUPS vulnerabilities CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177

Security Advisory Description CVE-2024-47076 CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. The...

SUSE CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

Ubuntu: Security Advisory (USN-7045-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 24.04 LTS : libppd vulnerability (USN-7045-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7045-1 advisory. Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...

DEBIAN-CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175 libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175

CUPS is a standards-based, open-source printing system, and libppd can be used for legacy PPD file support. The libppd function ppdCreatePPDFromIPP2 does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as cfGetPrinterAttributes5, can...

CVE-2024-47175

CVE-2024-47175 affects CUPS via libppd, where ppdCreatePPDFromIPP2 does not sanitize IPP attributes when building the PPD buffer. When used with functions such as cfGetPrinterAttributes5, attacker-controlled input can lead to code execution through Foomatic, contributing to an exploit chain descr...

USN-7045-1: libppd vulnerability

Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

CVE-2024-47175

A security issue was found in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer information...

ROS-20240729-08

A vulnerability in the scanps function of the libppd library of the CUPS print server is related to the operation exceeding the boundaries of the buffer in memory when processing the length of PPD files. Exploitation of the vulnerability could allow an attacker to elevate his privileges and execu...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2024-1646)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...