 Warning:
!!!! Huge Critical Linux Vulnerability !!!!!

Remote code execution.

Key Points:

A critical, unauthenticated Remote Code Execution (RCE) vulnerability in GNU/Linux systems, rated 9.9, is about to be disclosed. [2]

The flaw has been known for over a decade but was disclosed to developers only three weeks ago by bug hunter Simone Margaritelli.

Margaritelli's upcoming write-up will include a proof-of-concept exploit and technical details.

While the bug has no CVE assigned yet, it is expected to need at least three and ideally six CVEs.

Canonical and Red Hat have confirmed the severity of the issue, but there's no fix yet.

Entry Points from Simone Margaritelli:

WAN / public internet: a remote attacker sends a UDP packet to port 631. No authentication whatsoever.

LAN: a local attacker can spoof zeroconf / mDNS / DNS-SD advertisements. [1]

Sources:
[1] https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
[2] https://thenimblenerd.com/article/9-9-rated-linux-flaw-the-doomsday-bug-that-makes-heartbleed-look-like-a-paper-cut/
https://www.phoronix.com/news/Linux-CVSS-9.9-Rating
https://www.redhat.com/en/blog/red-hat-response-openprinting-cups-vulnerabilities
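
A defender-side check for the WAN entry point above (added example, not from the original post or from Margaritelli's write-up): it filters `ss -H -uln` output for UDP sockets bound to port 631 on non-loopback addresses. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list non-loopback addresses with a UDP socket bound to port 631.
# Input on stdin: lines in the format printed by `ss -H -uln`
#   State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

exposed_udp_631() {
    awk '
    {
        ep = $4                               # local endpoint, e.g. 0.0.0.0:631
        n = match(ep, /:[0-9]+$/)             # position of the trailing ":port"
        if (n == 0) next
        port = substr(ep, n + 1)
        addr = substr(ep, 1, n - 1)
        sub(/%.*$/, "", addr)                 # drop a "%iface" scope suffix
        sub(/^\[/, "", addr)                  # unwrap bracketed IPv6
        sub(/\]$/, "", addr)
        if (port != "631") next
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only: not reachable remotely
        print addr
    }'
}

# Constructed sample of `ss -H -uln` output (not captured from a real host).
SAMPLE_SS='UNCONN 0 0 0.0.0.0:631 0.0.0.0:*
UNCONN 0 0 127.0.0.1:631 0.0.0.0:*
UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*
UNCONN 0 0 [::]:631 [::]:*
UNCONN 0 0 [::1]:631 [::]:*
UNCONN 0 0 192.168.1.5%eth0:68 0.0.0.0:*'

# Run the filter over the constructed sample.
check_sample() {
    printf '%s\n' "$SAMPLE_SS" | exposed_udp_631
}

# On a live host:  ss -H -uln | exposed_udp_631
# Any address printed means UDP 631 is bound beyond loopback; whether it is
# reachable from the internet still depends on firewall and routing.
```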