SUSE update for cups-filters
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-47176 CVE-2024-47850 |
| CWE-ID | CWE-862 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
SUSE Linux Enterprise Software Development Kit 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 12 Operating systems & Components / Operating system libpoppler-qt4-4-debuginfo Operating systems & Components / Operating system package or component cups-filters-ghostscript-debuginfo Operating systems & Components / Operating system package or component libpoppler60 Operating systems & Components / Operating system package or component libpoppler-glib8 Operating systems & Components / Operating system package or component cups-filters-debuginfo Operating systems & Components / Operating system package or component cups-filters-ghostscript Operating systems & Components / Operating system package or component cups-filters-foomatic-rip Operating systems & Components / Operating system package or component cups-filters-debugsource Operating systems & Components / Operating system package or component libpoppler-qt4-4 Operating systems & Components / Operating system package or component cups-filters Operating systems & Components / Operating system package or component cups-filters-cups-browsed Operating systems & Components / Operating system package or component libpoppler-glib8-debuginfo Operating systems & Components / Operating system package or component poppler-tools Operating systems & Components / Operating system package or component cups-filters-foomatic-rip-debuginfo Operating systems & Components / Operating system package or component libpoppler60-debuginfo Operating systems & Components / Operating system package or component poppler-tools-debuginfo Operating systems & Components / Operating system package or component cups-filters-cups-browsed-debuginfo Operating systems & Components / Operating system package or component poppler-debugsource Operating systems & Components / Operating system package or component libpoppler-cpp0 Operating systems & Components / Operating system package or component typelib-1_0-Poppler-0_18 Operating systems & Components / Operating system package or component libpoppler-qt4-devel Operating systems & Components / Operating system package or component libpoppler-devel Operating systems & Components / Operating system package or component libpoppler-glib-devel Operating systems & Components / Operating system package or component libpoppler-cpp0-debuginfo Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Missing Authorization
EUVDB-ID: #VU97743
Risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-47176
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing authorization. A remote attacker can introduce a malicious printer to the system by sending specially crafted packets to port 631/UDP and then execute arbitrary OS commands on the system when a print job is started.
MitigationUpdate the affected package cups-filters to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Software Development Kit 12: SP5
SUSE Linux Enterprise Server for SAP Applications 12: SP5
SUSE Linux Enterprise Server 12: SP5
SUSE Linux Enterprise High Performance Computing 12: SP5
libpoppler-qt4-4-debuginfo: before 0.43.0-16.49.1
cups-filters-ghostscript-debuginfo: before 1.0.58-19.26.1
libpoppler60: before 0.43.0-16.49.1
libpoppler-glib8: before 0.43.0-16.49.1
cups-filters-debuginfo: before 1.0.58-19.26.1
cups-filters-ghostscript: before 1.0.58-19.26.1
cups-filters-foomatic-rip: before 1.0.58-19.26.1
cups-filters-debugsource: before 1.0.58-19.26.1
libpoppler-qt4-4: before 0.43.0-16.49.1
cups-filters: before 1.0.58-19.26.1
cups-filters-cups-browsed: before 1.0.58-19.26.1
libpoppler-glib8-debuginfo: before 0.43.0-16.49.1
poppler-tools: before 0.43.0-16.49.1
cups-filters-foomatic-rip-debuginfo: before 1.0.58-19.26.1
libpoppler60-debuginfo: before 0.43.0-16.49.1
poppler-tools-debuginfo: before 0.43.0-16.49.1
cups-filters-cups-browsed-debuginfo: before 1.0.58-19.26.1
poppler-debugsource: before 0.43.0-16.49.1
libpoppler-cpp0: before 0.43.0-16.49.1
typelib-1_0-Poppler-0_18: before 0.43.0-16.49.1
libpoppler-qt4-devel: before 0.43.0-16.49.1
libpoppler-devel: before 0.43.0-16.49.1
libpoppler-glib-devel: before 0.43.0-16.49.1
libpoppler-cpp0-debuginfo: before 0.43.0-16.49.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:libpoppler-qt4-4-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-ghostscript-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler60:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-glib8:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-ghostscript:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-foomatic-rip:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-debugsource:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-qt4-4:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-cups-browsed:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-glib8-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:poppler-tools:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-foomatic-rip-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler60-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:poppler-tools-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-cups-browsed-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:poppler-debugsource:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-cpp0:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:typelib-1_0-poppler-0_18:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-qt4-devel:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-devel:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-glib-devel:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-cpp0-debuginfo:*:*:*:*:*:suse_linux:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243570-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Missing Authorization
EUVDB-ID: #VU98064
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-47850
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to missing authorization when handling IPP UDP packets. A remote attacker can send a specially crafted IPP UDP packet requesting a printer to be added and force the application to send an HTTP POST request to an arbitrary IP address and port.
Successful exploitation of the vulnerability may allow an attacker to perform DDoS amplification attacks.
MitigationUpdate the affected package cups-filters to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Software Development Kit 12: SP5
SUSE Linux Enterprise Server for SAP Applications 12: SP5
SUSE Linux Enterprise Server 12: SP5
SUSE Linux Enterprise High Performance Computing 12: SP5
libpoppler-qt4-4-debuginfo: before 0.43.0-16.49.1
cups-filters-ghostscript-debuginfo: before 1.0.58-19.26.1
libpoppler60: before 0.43.0-16.49.1
libpoppler-glib8: before 0.43.0-16.49.1
cups-filters-debuginfo: before 1.0.58-19.26.1
cups-filters-ghostscript: before 1.0.58-19.26.1
cups-filters-foomatic-rip: before 1.0.58-19.26.1
cups-filters-debugsource: before 1.0.58-19.26.1
libpoppler-qt4-4: before 0.43.0-16.49.1
cups-filters: before 1.0.58-19.26.1
cups-filters-cups-browsed: before 1.0.58-19.26.1
libpoppler-glib8-debuginfo: before 0.43.0-16.49.1
poppler-tools: before 0.43.0-16.49.1
cups-filters-foomatic-rip-debuginfo: before 1.0.58-19.26.1
libpoppler60-debuginfo: before 0.43.0-16.49.1
poppler-tools-debuginfo: before 0.43.0-16.49.1
cups-filters-cups-browsed-debuginfo: before 1.0.58-19.26.1
poppler-debugsource: before 0.43.0-16.49.1
libpoppler-cpp0: before 0.43.0-16.49.1
typelib-1_0-Poppler-0_18: before 0.43.0-16.49.1
libpoppler-qt4-devel: before 0.43.0-16.49.1
libpoppler-devel: before 0.43.0-16.49.1
libpoppler-glib-devel: before 0.43.0-16.49.1
libpoppler-cpp0-debuginfo: before 0.43.0-16.49.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_server_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_12:SP5:*:*:*:*:*:*:
- cpe:2.3:o:suse:libpoppler-qt4-4-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-ghostscript-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler60:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-glib8:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-ghostscript:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-foomatic-rip:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-debugsource:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-qt4-4:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-cups-browsed:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-glib8-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:poppler-tools:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-foomatic-rip-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler60-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:poppler-tools-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:cups-filters-cups-browsed-debuginfo:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:poppler-debugsource:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-cpp0:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:typelib-1_0-poppler-0_18:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-qt4-devel:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-devel:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-glib-devel:*:*:*:*:*:suse_linux:*:
- cpe:2.3:o:suse:libpoppler-cpp0-debuginfo:*:*:*:*:*:suse_linux:*:
http://www.suse.com/support/update/announcement/2024/suse-su-20243570-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
