Blaze@lemmy.zip to

Linux@programming.dev · 1 month ago

The CUPS explout is here: GitHub - RickdeJager/cupshax

6

cross-posted to:
linux@lemmy.ml

43

The CUPS explout is here: GitHub - RickdeJager/cupshax

Blaze@lemmy.zip to

Linux@programming.dev · 1 month ago

6

cross-posted to:
linux@lemmy.ml

GitHub - RickdeJager/cupshax

Contribute to RickdeJager/cupshax development by creating an account on GitHub.

cross-posted from: https://lemmy.zip/post/23601247

I hope this goes without saying but please do not run this on machines you don’t own.

The good news:

the exploit seems to require user action

The bad news:

Device Firewalls are ineffective against this

if someone created a malicious printer on a local network like a library they could create serious issues

it is hard to patch without breaking printing

it is very easy to create printers that look legit

even if you don’t hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall

TLDR: you should be careful hitting print

Chat

Vivendi@lemmy.zip
link
fedilink
arrow-up
14
arrow-down
1·
1 month ago
If there is ONE project that needs a rewrite in modern C++ OR Rust (or some other ‘safe’ language) it’s FUCKING CUPS

Please, Rust fanatics, do ONE good instead of rewriting GPL programs into a corpo-rat license

Linux@programming.dev

linux@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !linux@programming.dev

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

512 users / day
1.06K users / week
2.11K users / month
6.47K users / 6 months
3 local subscribers
5.17K subscribers
697 Posts
5.84K Comments
Modlog