Unauthenticated RCE vs. all GNU/Linux systems, CVSS 9.9(threadreaderapp.com)
threadreaderapp.com
Unauthenticated RCE vs. all GNU/Linux systems, CVSS 9.9
https://threadreaderapp.com/thread/1838169889330135132.html
8 comments
Care to share the source of this hint?
I think it is from the speculation that this is due to a very common package that binds to all interfaces by default after installation
He forked the cups repo over a week ago.
maybe i'm being overly pedantic but wouldn't that be a a CUPS specific RCE?
the title claims "all" GNU/Linux systems are vulnerable
the title claims "all" GNU/Linux systems are vulnerable
The thread that the title comes from is from a Twitter user that later stated about the issue:
"And YES: I LOVE hyping the sh1t out of this stuff because apparently sensationalism is the only language that forces these people to fix. "
As such, every single thing about the topic should be taken with a grain of salt. Starting with systems affected (it's not all GNU/Linux) and also CVSS score (I score it as a 6.3 instead of 9.9). Use your imagination to decide how much of what was posted is based on fact as opposed to fantasy.
As such, every single thing about the topic should be taken with a grain of salt. Starting with systems affected (it's not all GNU/Linux) and also CVSS score (I score it as a 6.3 instead of 9.9). Use your imagination to decide how much of what was posted is based on fact as opposed to fantasy.
I wonder if this "all GNU/Linux systems" is correct, or if we'll see some nuance added in a couple of hours/days. I'd be a monstrous patch day if this RCE really impacts all GNU/Linux systems.
[deleted]
[0] - https://en.wikipedia.org/wiki/CUPS