Notice of Linux Remote Code Execution Vulnerability in CUPS (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177)
Description
Type | CVE-ID | Severity | Discovered |
---|---|---|---|
RCE | CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177 | Critical | 2024-09-26 |
Impact
The vulnerabilities primarily affect Unix devices that use the Common Unix Printing System (CUPS). A device is exposed to attack when the cups-browsed service is also enabled, which can compromise the security of the device.
Identification Method
Check whether CUPS-related services are installed:
systemctl status cups-browsed
The following is an example command output:
- If the output displays "Unit cups-browsed.service could not be found.", it indicates that CUPS-related services are not present, and the system is not affected by the vulnerability.
- If the value of Active in the command output is inactive (dead), the related services are installed but not enabled. The vulnerability is present in the system but does not affect it in this state. In this scenario, upgrading CUPS is recommended.
- If the value of Active in the command output is active (running), the related services are enabled and the system is exposed to this vulnerability. Workarounds must be implemented immediately.
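The three cases above can be checked in a script. The following is an added example, not part of the original notice: a shell function that classifies `systemctl status cups-browsed` output. The verdict labels, the `check_host` helper and the sample outputs are constructed for illustration, and states the notice does not list are reported for manual review.

```shell
#!/bin/sh
# Classify `systemctl status cups-browsed` output into the three cases above.
# Reads the status text on stdin and prints one verdict label (labels are
# this example's own, not from the notice).
classify_cups_browsed() {
    status_text=$(cat)
    # Case 1: the unit does not exist, so the service is not installed.
    if printf '%s\n' "$status_text" | grep -q 'could not be found'; then
        echo "not-affected"
        return 0
    fi
    # Take the value after "Active:", e.g. "active (running) since ...".
    active=$(printf '%s\n' "$status_text" |
        sed -n 's/^[[:space:]]*Active:[[:space:]]*//p' | head -n 1)
    case "$active" in
        "active (running)"*) echo "workaround-required" ;;  # case 3
        "inactive (dead)"*)  echo "upgrade-recommended" ;;  # case 2
        "")                  echo "unknown" ;;              # no Active: line
        # Assumption: states the notice does not list (failed, activating)
        # are flagged for a manual look rather than guessed at.
        *)                   echo "review-manually" ;;
    esac
}

# Live check for a systemd host (hypothetical helper name). The "could not
# be found" message goes to stderr, so both streams are merged.
check_host() {
    command -v systemctl >/dev/null 2>&1 || { echo "unknown"; return 0; }
    LC_ALL=C systemctl status cups-browsed --no-pager 2>&1 | classify_cups_browsed
}

# Constructed sample outputs, one per case in the list above.
SAMPLE_MISSING='Unit cups-browsed.service could not be found.'
SAMPLE_INACTIVE='* cups-browsed.service
     Loaded: loaded (/usr/lib/systemd/system/cups-browsed.service; disabled)
     Active: inactive (dead)'
SAMPLE_RUNNING='* cups-browsed.service
     Loaded: loaded (/usr/lib/systemd/system/cups-browsed.service; enabled)
     Active: active (running) since Thu 2024-09-26 10:00:00 UTC; 1h ago'

for sample in "$SAMPLE_MISSING" "$SAMPLE_INACTIVE" "$SAMPLE_RUNNING"; do
    printf '%s\n' "$sample" | classify_cups_browsed
done
```

Call `check_host` on each node to get the verdict for the running system.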
Mitigation
The OS images of Huawei Cloud CCE cluster nodes do not include the CUPS service by default, so the vulnerability does not impact the system.