Critical updates - CVE
      Back to home
      1. Stratodesk NoTouch Knowledge base
      2. NoTouch OS
      3. Critical updates - CVE

      CVE-2024-47176 - CUPS

      CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177

      Information

      • By default, NoTouch OS is not vulnerable as the affected service cups-browsed is not activated
      • Builds prior to 3.6 did not have the option to enable this and are not impacted
      • NoTouch OS builds 3.6.0 and newer are only potentially vulnerable if you have enabled Printer Browsing in Services - CUPS

      Mitigation options:

      • Disable cups-browsed, then manually configure printers
      • In NoTouch OS Device configuration or in NoTouch Center
        • Eventscripts \ Startup 3 \ iptables -I INPUT -p udp --dport 631 -j REJECT ;iptables -I INPUT -p udp --dport 631 -i lo -j ACCEPT
      • Update to forthcoming build that will contain the updated CUPS packages