Amazon Linux 1 Security Advisory: ALAS-2023-1796
Advisory Release Date: 2023-08-03 20:16 Pacific
Advisory Updated Date: 2023-08-08 20:52 Pacific
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication. (CVE-2023-32324)
Affected Packages:
cups
Issue Correction:
Run yum update cups to update your system.
i686:
cups-1.4.2-67.23.amzn1.i686
cups-devel-1.4.2-67.23.amzn1.i686
cups-debuginfo-1.4.2-67.23.amzn1.i686
cups-lpd-1.4.2-67.23.amzn1.i686
cups-php-1.4.2-67.23.amzn1.i686
cups-libs-1.4.2-67.23.amzn1.i686
src:
cups-1.4.2-67.23.amzn1.src
x86_64:
cups-1.4.2-67.23.amzn1.x86_64
cups-lpd-1.4.2-67.23.amzn1.x86_64
cups-libs-1.4.2-67.23.amzn1.x86_64
cups-devel-1.4.2-67.23.amzn1.x86_64
cups-debuginfo-1.4.2-67.23.amzn1.x86_64
cups-php-1.4.2-67.23.amzn1.x86_64