- cross-posted to:
- linux@programming.dev
I hope this goes without saying but please do not run this on machines you don’t own.
The good news:
- the exploit seems to require user action
The bad news:
- Device Firewalls are ineffective against this
- if someone created a malicious printer on a local network like a library they could create serious issues
- it is hard to patch without breaking printing
- it is very easy to create printers that look legit
- even if you don’t hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall
TLDR: you should be careful hitting print
There is currently no fix available
Edit: I’m mistaken
What? I got a patch on Arch yesterday.
I mean both Red Hat and Ubuntu did ship updates to change the config of cups-browsed, so I don’t think that’s correct.
Maybe my information is out of date then
Not true. Arch and Ubuntu (the ones I personally checked on) already pushed patches that disabled cups-browsed by default, removing the service listening on 631.