Vulnerability Description
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linuxfoundation | Cups-Filters | < 2.0 |
| Fedoraproject | Fedora | 37 |
| Debian | Debian Linux | 10.0 |
Related Weaknesses (CWE)
References
- https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9dPatch
- https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-ExploitVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00021.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/[email protected]Mailing ListRelease Notes
- https://lists.fedoraproject.org/archives/list/[email protected]Mailing ListRelease Notes
- https://security.gentoo.org/glsa/202401-06
- https://www.debian.org/security/2023/dsa-5407Third Party Advisory
- https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9dPatch
- https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-ExploitVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00021.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/[email protected]Mailing ListRelease Notes
- https://lists.fedoraproject.org/archives/list/[email protected]Mailing ListRelease Notes
- https://security.gentoo.org/glsa/202401-06
- https://www.debian.org/security/2023/dsa-5407Third Party Advisory
FAQ
What is CVE-2023-24805?
CVE-2023-24805 is a vulnerability with a CVSS score of 8.8 (HIGH). cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to creat...
How severe is CVE-2023-24805?
CVE-2023-24805 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-24805?
Check the references section above for vendor advisories and patch information. Affected products include: Linuxfoundation Cups-Filters, Fedoraproject Fedora, Debian Debian Linux.