- cross-posted to:
- linux
- [email protected]
- cross-posted to:
- linux
- [email protected]
cross-posted from: https://lemmy.zip/post/23601247
I hope this goes without saying but please do not run this on machines you don’t own.
The good news:
- the exploit seems to require user action
The bad news:
Device Firewalls are ineffective against this
if someone created a malicious printer on a local network like a library they could create serious issues
it is hard to patch without breaking printing
it is very easy to create printers that look legit
even if you don’t hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall
TLDR: you should be careful hitting print
Wow look at that CUPS code and tell me with a straight face there aren’t 5 more similar vulnerabilities waiting to be found…