Warning:
!!!! Huge Critical Linux Vulnerability !!!!!
Remote code execution.
Key Points:
A critical, unauthenticated Remote Code Execution (RCE) vulnerability in GNU/Linux systems, rated 9.9, is about to be disclosed. [2]
The flaw has been known for over a decade but was disclosed to developers only three weeks ago by bug hunter Simone Margaritelli.
Margaritelli's upcoming write-up will include a proof-of-concept exploit and technical details.
While the bug has no CVE assigned yet, it is expected to need at least three and ideally six CVEs.
Canonical and RedHat have confirmed the severity of the issue, but there's no fix yet.
Entry Points from Simone Margaritelli:
WAN / public internet: a remote attacker sends an UDP packet to port 631. No authentication whatsoever.
LAN: a local attacker can spoof zeroconf / mDNS / DNS-SD advertisements [1]
Sources:
[1] https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
[2] https://thenimblenerd.com/article/9-9-rated-linux-flaw-the-doomsday-bug-that-makes-heartbleed-look-like-a-paper-cut/
https://www.phoronix.com/news/Linux-CVSS-9.9-Rating
https://www.redhat.com/en/blog/red-hat-response-openprinting-cups-vulnerabilities
SimplifiedPrivacy.com
npub14s…jt5d6
2024-09-26 22:44:56
Author Public Key
npub14slk4lshtylkrqg9z0dvng09gn58h88frvnax7uga3v0h25szj4qzjt5d6Seen on
wss://relay.damus.ioPublished at
2024-09-26 22:44:56Event JSON
{
"id": "6b8d12d03099b1191bf337d7316800c2bd4cd1ae4a0f9571dd9abaf389f6c9f1",
"pubkey": "ac3f6afe17593f61810513dac9a1e544e87b9ce91b27d37b88ec58fbaa9014aa",
"created_at": 1727390696,
"kind": 1,
"tags": [],
"content": "Warning:\n!!!! Huge Critical Linux Vulnerability !!!!!\n\nRemote code execution.\n\nKey Points:\n\nA critical, unauthenticated Remote Code Execution (RCE) vulnerability in GNU/Linux systems, rated 9.9, is about to be disclosed. [2]\n\nThe flaw has been known for over a decade but was disclosed to developers only three weeks ago by bug hunter Simone Margaritelli.\n\nMargaritelli's upcoming write-up will include a proof-of-concept exploit and technical details.\n\nWhile the bug has no CVE assigned yet, it is expected to need at least three and ideally six CVEs.\n\nCanonical and RedHat have confirmed the severity of the issue, but there's no fix yet.\n\nEntry Points from Simone Margaritelli:\n\nWAN / public internet: a remote attacker sends an UDP packet to port 631. No authentication whatsoever.\n\nLAN: a local attacker can spoof zeroconf / mDNS / DNS-SD advertisements [1]\n\nSources:\n[1] https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/\n[2] https://thenimblenerd.com/article/9-9-rated-linux-flaw-the-doomsday-bug-that-makes-heartbleed-look-like-a-paper-cut/\nhttps://www.phoronix.com/news/Linux-CVSS-9.9-Rating\nhttps://www.redhat.com/en/blog/red-hat-response-openprinting-cups-vulnerabilities\n",
"sig": "2e7ec6ec8b18ffea27af74d33fb9d48d98c4e8d1c6b9c9071edbd4cc4445e6e22c2faabb38f14f895b9cacd1587e633313b6fca6aca7182027da0554fc427e9f"
}