Multiple vulnerabilities have been discovered in OpenPrinting CUPS and its component cups-browsed, allowing attackers to retrieve information, add or replace printers, and remotely execute arbitrary code when a print job is initiated. CERT-FR has detected public exploitation codes but no active exploitation cases yet. Remediation measures include applying available patches, disabling cups-browsed service, modifying configuration files, limiting port access, and implementing network filtering mechanisms
Detailed information and patches are provided by various sources such as SUSE, Elastic Security Labs, Debian, RedHat, and Ubuntu. https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-012/