CVE-2024-47076— libcupsfilters's cfGetPrinterAttributes5 does not validate IPP attributes returned from an IPP server
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-47076
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
libcupsfilters's cfGetPrinterAttributes5 does not validate IPP attributes returned from an IPP server
Source: NVD (National Vulnerability Database)
Vulnerability Description
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
CUPS 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenPrinting CUPS是OpenPrinting公司的一个适用于 Linux® 和其他类 Unix® 操作系统的基于标准的开源打印系统。 CUPS存在输入验证错误漏洞,该漏洞源于libcupsfilters中的cfGetPrinterAttributes5函数不会清理从 IPP 服务器返回的 IPP 属性。当使用这些 IPP 属性时,可能导致攻击者控制的数据被提供给 CUPS 系统的其余部分。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| OpenPrinting | libcupsfilters | <= 2.1b1 | - |
II. Public POCs for CVE-2024-47076
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Linux ve Unix sistemlerinizin CVE-2024-47076 açığından etkilenip etkilenmediğini bu script ile öğrenebilirsiniz. | https://github.com/mutkus/CVE-2024-47076 | POC Details |
| 2 | Ultrafast CUPS-browsed scanner (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177) | https://github.com/lkarlslund/jugular | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-47076
请登录查看更多情报信息。
- CUPS.orgx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2024-47076
Same Patch Batch · OpenPrinting · 2024-09-26 · 3 CVEs total
| CVE-2024-47175 | 8.6 HIGH | libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the |
| CVE-2024-47176 | 5.3 MEDIUM | cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source |
IV. Related Vulnerabilities
Same vendor: OpenPrinting
- CVE-2026-41079
OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-le - CVE-2026-39316
CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` - CVE-2026-39314
CUPS has an integer underflow in `_ppdCreateFromIPP` causes - CVE-2026-34980
OpenPrinting CUPS: Shared PostScript queue lets anonymous Pr - CVE-2026-34979
OpenPrinting CUPS: Heap overflow in `get_options()`
Same weakness: CWE-20
V. Comments for CVE-2024-47076
No comments yet