Vulmon
Amazon Linux 2 Security Advisory: ALAS-2023-2184
Advisory Release Date: 2023-08-03 18:09 Pacific
Advisory Updated Date: 2023-08-08 22:03 Pacific
Severity:
Medium
Issue Overview:
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication. (CVE-2023-32324)
Affected Packages:
cups
Issue Correction:
Run yum update cups to update your system.
New Packages:
aarch64:
cups-1.6.3-51.amzn2.0.2.aarch64
cups-client-1.6.3-51.amzn2.0.2.aarch64
cups-devel-1.6.3-51.amzn2.0.2.aarch64
cups-libs-1.6.3-51.amzn2.0.2.aarch64
cups-lpd-1.6.3-51.amzn2.0.2.aarch64
cups-ipptool-1.6.3-51.amzn2.0.2.aarch64
cups-debuginfo-1.6.3-51.amzn2.0.2.aarch64
i686:
cups-1.6.3-51.amzn2.0.2.i686
cups-client-1.6.3-51.amzn2.0.2.i686
cups-devel-1.6.3-51.amzn2.0.2.i686
cups-libs-1.6.3-51.amzn2.0.2.i686
cups-lpd-1.6.3-51.amzn2.0.2.i686
cups-ipptool-1.6.3-51.amzn2.0.2.i686
cups-debuginfo-1.6.3-51.amzn2.0.2.i686
noarch:
cups-filesystem-1.6.3-51.amzn2.0.2.noarch
src:
cups-1.6.3-51.amzn2.0.2.src
x86_64:
cups-1.6.3-51.amzn2.0.2.x86_64
cups-client-1.6.3-51.amzn2.0.2.x86_64
cups-devel-1.6.3-51.amzn2.0.2.x86_64
cups-libs-1.6.3-51.amzn2.0.2.x86_64
cups-lpd-1.6.3-51.amzn2.0.2.x86_64
cups-ipptool-1.6.3-51.amzn2.0.2.x86_64
cups-debuginfo-1.6.3-51.amzn2.0.2.x86_64