CUPS: A Critical 9.9 Linux Vulnerability Reviewed

Aqua Security analyzed recently disclosed CUPS vulnerabilities (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177) that can allow remote arbitrary code execution by provisioning a malicious IPP printer and leveraging flaws in cups-browsed, libcupsfilters, libppd, and cups-filters. The advisory explains exploitation preconditions (cups-browsed enabled, UDP/631 reachable, attacker-advertised IPP server, victim-initiated print), references published PoCs, provides detection commands and immediate mitigations (stop/disable cups-browsed, block UDP 631), and recommends patching when available.