USN-6844-2: CUPS regression

Releases

• Ubuntu 24.04 LTS
• Ubuntu 23.10
• Ubuntu 22.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 18.04 ESM
• Ubuntu 16.04 ESM

Packages

• cups - Common UNIX Printing System(tm)

Details

USN-6844-1 fixed vulnerabilities in the CUPS package. The update
lead to the discovery of a regression in CUPS with regards to
how the cupsd daemon handles Listen configuration directive.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:
Rory McNamara discovered that when starting the cupsd server with a
Listen configuration item, the cupsd process fails to validate if
bind call passed. An attacker could possibly trick cupsd to perform
an arbitrary chmod of the provided argument, providing world-writable
access to the target.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04

• cups - 2.4.7-1.2ubuntu7.2
• cups-daemon - 2.4.7-1.2ubuntu7.2

Ubuntu 23.10

• cups - 2.4.6-0ubuntu3.2
• cups-daemon - 2.4.6-0ubuntu3.2

Ubuntu 22.04

• cups - 2.4.1op1-1ubuntu4.10
• cups-daemon - 2.4.1op1-1ubuntu4.10

Ubuntu 20.04

• cups - 2.3.1-9ubuntu1.8
• cups-daemon - 2.3.1-9ubuntu1.8

Ubuntu 18.04

• cups - 2.2.7-1ubuntu2.10+esm5
  Available with Ubuntu Pro
• cups-daemon - 2.2.7-1ubuntu2.10+esm5
  Available with Ubuntu Pro

Ubuntu 16.04

• cups - 2.1.3-4ubuntu0.11+esm7
  Available with Ubuntu Pro
• cups-daemon - 2.1.3-4ubuntu0.11+esm7
  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

• https://launchpad.net/bugs/2070315