Amazon Linux 2023 Security Advisory: ALAS-2024-718
Advisory Release Date: 2024-09-27 00:29 Pacific
Advisory Updated Date: 2024-10-02 15:30 Pacific
A flaw in cups-filters allows a remote unauthenticated client to create a PPD configuration file with code injection. If a job is sent to the compromised printer, the code is executed allowing for remote code execution. (CVE-2024-47175)
Affected Packages:
cups-filters
Issue Correction:
Run dnf update cups-filters --releasever 2023.5.20241001 to update your system.
aarch64:
cups-filters-libs-debuginfo-1.28.16-3.amzn2023.0.2.aarch64
cups-filters-devel-1.28.16-3.amzn2023.0.2.aarch64
cups-filters-libs-1.28.16-3.amzn2023.0.2.aarch64
cups-filters-debuginfo-1.28.16-3.amzn2023.0.2.aarch64
cups-filters-debugsource-1.28.16-3.amzn2023.0.2.aarch64
cups-filters-1.28.16-3.amzn2023.0.2.aarch64
src:
cups-filters-1.28.16-3.amzn2023.0.2.src
x86_64:
cups-filters-libs-debuginfo-1.28.16-3.amzn2023.0.2.x86_64
cups-filters-libs-1.28.16-3.amzn2023.0.2.x86_64
cups-filters-devel-1.28.16-3.amzn2023.0.2.x86_64
cups-filters-debuginfo-1.28.16-3.amzn2023.0.2.x86_64
cups-filters-debugsource-1.28.16-3.amzn2023.0.2.x86_64
cups-filters-1.28.16-3.amzn2023.0.2.x86_64