185
submitted 2 months ago* (last edited 2 months ago) by possiblylinux127@lemmy.zip to c/linux@lemmy.ml

I hope this goes without saying but please do not run this on machines you don't own.

The good news:

  • the exploit seems to require user action

The bad news:

  • Device Firewalls are ineffective against this

  • if someone created a malicious printer on a local network like a library they could create serious issues

  • it is hard to patch without breaking printing

  • it is very easy to create printers that look legit

  • even if you don't hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall

TLDR: you should be careful hitting print

you are viewing a single comment's thread
view the rest of the comments
[-] pHr34kY@lemmy.world 27 points 1 month ago

CUPS facing the public internet sounds a bit crazy. Why would you print when not physicly near the printer?

[-] subtext@lemmy.world 9 points 1 month ago

I think this would likely be most troublesome on some of the OG internet users that got a whole freaking /8, /10, or /12 or something like AT&T or universities. Up until very recently, and possibly even to the present, these organizations had such large IPv4 space, that there was no need to do NAT, and each device had a publicly addressable IP.

https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks

[-] possiblylinux127@lemmy.zip 8 points 1 month ago

Everything would still be behind a firewall though

[-] jake_jake_jake_@lemmy.world 5 points 1 month ago

everything should be behind a firewall

this post was submitted on 29 Sep 2024
185 points (98.9% liked)

Linux

48376 readers
1916 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS