libppd Function 'ppdCreatePPDFromIPP2' Does Not Sanitize IPP Attributes, Leading to Vector for Remote Code Execution
CVE-2024-47175
Summary
The CUPS printing system, managed by OpenPrinting, contains a vulnerability within the libppd component. This issue arises from the ppdCreatePPDFromIPP2 function failing to properly sanitize Internet Printing Protocol (IPP) attributes when generating the Printer Description (PPD) buffer. This lack of sanitization can lead to security breaches when user-controlled input is processed, particularly when combined with functions like cfGetPrinterAttributes5. An attacker can potentially exploit this vulnerability to execute arbitrary code, thus compromising the affected system. This situation is further exacerbated by its potential use in conjunction with other vulnerabilities, making it a significant concern for users of the CUPS printing system.
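The missing step described above, sanitizing an IPP string before it is written into a quoted PPD value, can look like the following. This is an added example, not libppd's code or its actual fix; the helper names `sanitize_ppd_value` and `emit_ppd_string` are hypothetical and the sample attribute value is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not libppd API): copy an untrusted IPP string into
 * dst, keeping only printable ASCII that cannot end a quoted PPD value.
 * Returns the number of bytes dropped, or -1 if dst is too small. */
int sanitize_ppd_value(const char *src, char *dst, size_t dstsize)
{
    size_t out = 0;
    int dropped = 0;

    if (!src || !dst || dstsize == 0)
        return -1;
    for (; *src; src++) {
        unsigned char c = (unsigned char)*src;
        /* Drop control characters (CR, LF, ...), DEL, non-ASCII bytes,
         * and the double quote that delimits PPD string values. */
        if (c < 0x20 || c >= 0x7f || c == '"') {
            dropped++;
            continue;
        }
        if (out + 1 >= dstsize)   /* keep room for the terminator */
            return -1;
        dst[out++] = (char)c;
    }
    dst[out] = '\0';
    return dropped;
}

/* Emit one line of the form *Keyword: "value" from an untrusted value.
 * Returns the line length, or -1 on truncation or sanitizer failure. */
int emit_ppd_string(char *line, size_t linesize,
                    const char *keyword, const char *untrusted)
{
    char clean[256];
    int n;

    if (sanitize_ppd_value(untrusted, clean, sizeof(clean)) < 0)
        return -1;
    n = snprintf(line, linesize, "*%s: \"%s\"\n", keyword, clean);
    return (n < 0 || (size_t)n >= linesize) ? -1 : n;
}

int main(void)
{
    char line[512];
    /* Constructed sample value with an embedded quote and line break. */
    if (emit_ppd_string(line, sizeof(line), "NickName",
                        "Office \"Laser\"\nPrinter") > 0)
        fputs(line, stdout);
    return 0;
}
```

An allowlist like this keeps every attribute on exactly one PPD line; failing closed on oversized values avoids silently truncated entries.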
Affected Version(s)
libppd <= 2.1b1
EPSS Score
26% chance of being exploited in the next 30 days.