vulnerability

Rocky Linux: CVE-2024-47176: cups-filters (Multiple Advisories)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Sep 26, 2024

Added

Oct 2, 2024

Modified

Mar 31, 2026

Description

CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.

Solutions

rocky-upgrade-cups-filtersrocky-upgrade-cups-filters-debuginforocky-upgrade-cups-filters-debugsourcerocky-upgrade-cups-filters-develrocky-upgrade-cups-filters-libsrocky-upgrade-cups-filters-libs-debuginfo

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report