Red Hat Warns About Remote Code Execution Flaws Impacting Enterprise Linux
- by nlqip
‘All versions of Red Hat Enterprise Linux (RHEL) are affected by [the vulnerabilities] but are not vulnerable in their default configurations,’ the IBM-owned company said.
Red Hat warned Thursday that four newly discovered vulnerabilities — which are rated as “important” and affect all versions of Enterprise Linux — could enable remote execution of code.
“All versions of Red Hat Enterprise Linux (RHEL) are affected by CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177, but are not vulnerable in their default configurations,” the IBM-owned company said in a post.
[Related: Red Hat Exec: Linux Supply Chain Hack Was Caught Quickly]
The flaws impact open-source print management software, known as OpenPrinting CUPS, which Red Hat said is “prevalent in most modern Linux distributions.”
“By chaining this group of vulnerabilities together, an attacker could potentially achieve remote code execution which could then lead to theft of sensitive data and/or damage to critical production systems,” Red Hat said in the blog.
The post did not disclose whether any exploitation of the vulnerabilities has been observed so far. In an email to CRN, a Red Hat spokesperson said that “we’re unaware of any exploitations in the wild right now.”
The severity of the issue has been rated as “important” by Red Hat.
Crucially, the company noted that “affected packages are not vulnerable in their default configuration.” More vulnerabilities could also be found, however, according to Red Hat.
“At this time, there are four CVEs assigned to these vulnerabilities, but the exact number is still being coordinated with the upstream community and the researcher who discovered the problem,” the company said.
The company credited Simone Margaritelli, known online as “EvilSocket,” with the discovery of the flaws.
In a post Thursday, Margaritelli wrote that by exploiting the vulnerabilities, “a remote unauthenticated attacker can silently replace existing printers’ (or install new ones) [Internet Printing Protocol] urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print job is started (from that computer).”
Source link
lol
‘All versions of Red Hat Enterprise Linux (RHEL) are affected by [the vulnerabilities] but are not vulnerable in their default configurations,’ the IBM-owned company said. Red Hat warned Thursday that four newly discovered vulnerabilities — which are rated as “important” and affect all versions of Enterprise Linux — could enable remote execution of code. “All…