¡¾·ì϶¹«¸æ¡¿CUPS ±¾µØÁîÅÆÐ¹Â¶·ì϶(CVE-2026-34990)

°ä²¼¹¦·ò 2026-04-10

Ò»¡¢·ì϶¸ÅÊö


·ìϼûû³Æ

CUPS ±¾µØÁîÅÆÐ¹Â¶·ì϶

CVE   ID

CVE-2026-34990

·ì϶ÀàÐÍ

ȨÏÞÌáÉý

·¢ÏÖ¹¦·ò

2026-4-10

·ì϶ÆÀ·Ö

5.0

·ì϶µÈ¼¶

ÖÐΣ

¹¥»÷ÏòÁ¿

±¾µØ

ËùÐèȨÏÞ

µÍ

ÀûÓÃÄѶÈ

µÍ

Óû§½»»¥

²»±ØÒª

PoC/EXP

Òѹ«¿ª

ÔÚÒ°ÀûÓÃ

δ·¢ÏÖ


CUPS£¨Common Unix Printing System£©ÊÇ¿í·ºÀûÓÃÓÚLinuxºÍUnixϵͳµÄ¿ªÔ´´òÓ¡·þÎñϵͳ £¬ÕƹܴòÓ¡¹¤×÷ÖÎÀí¡¢¶ÓÁе÷¶È¼°ÍøÂç´òÓ¡·þÎñ¡£Æäͨ¹ýIPP£¨Internet Printing Protocol£©Ìṩͳһ½Ó¿Ú £¬Ö§³Ö±¾µØ¼°ÍøÂç´òÓ¡É豸ÖÎÀí £¬ÊÇÎÞÊýLinux¿¯ÐаæÄ¬ÈϵĴòÓ¡½â¾ö¹æ»®¡£


2026Äê4ÔÂ8ÈÕ £¬mansion88Ã÷Éý°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½OpenPrinting CUPS´æÔÚÒ»×é¿É×éºÏÀûÓõݲȫ·ì϶¡£ÆäÖÐ £¬CVE-2026-34980ΪδÊÚȨԶ³Ì´úÂëÖ´Ðзì϶ £¬¹¥»÷ÕßÔÚÖ¸±êϵͳ¶Ô±©Â¶³öÇÒÆôÓù²ÏíPostScript´òÓ¡¶ÓÁеÄÇé¿öÏ £¬¿Éͨ¹ý»ú¹Ø¶ñÒâPrint-JobÒªÇó×¢ÈëαÔìµÄPPD½ÚÔì¼Í¼ £¬´Û¸Ä´òÓ¡¶ÓÁÐÅäÖà £¬²¢½ÚÔìcupsFilter2Ö´ÐÐõè¾¶ £¬´Ó¶øÒÔlpÓû§È¨ÏÞÖ´ÐÐϵͳºÅÁî¡£CVE-2026-34990ΪCUPS±¾µØÁîÅÆÐ¹Â¶·ì϶ £¬Ô´ÓÚcupsdÔÚ´¦Öñ¾µØIPPÒªÇóʱй¶¿É¸´ÓõÄAuthorization:LocalÈÏÖ¤ÁîÅÆ £¬¹¥»÷Õß¿ÉÀûÓøÃÁîÅÆÎ±ÔìÖÎÀíÔ±Éí·Ý½Ó¼û/admin/½Ó¿Ú £¬²¢Í¨¹ýCUPS-Create-Local-PrinterÖ°ÄÜ´´½¨¶ñÒâ´òÓ¡¶ÓÁÐ £¬½áºÏdevice-uriУÑéȱµãÈÆ¹ýFileDeviceÏÞ¶È £¬ÊµÏÖËÁÒâÎļþдÈë £¬×îÖÕ¸²¸ÇÈçsudoersµÈ¹Ø¼üϵͳÎļþ £¬½«È¨ÏÞÌáÉýÖÁroot¡£ÉÏÊöÁ½¸ö·ì϶¿ÉÐÎ³ÉÆëÈ«¹¥»÷Á´ £¬Ê¹¹¥»÷Õß´ÓδÊÚȨԶ³Ì½Ó¼ûÖð²½»ñȡϵͳ×î¸ßȨÏÞ £¬µ¼ÖÂÖ¸±êÖ÷»úÆëȫʧÏÝ¡£


¶þ¡¢Ó°ÏìÁìÓò


CUPS <= 2.4.16


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


µ±Ç°Î´Ã÷È·¸ø³ö×îÖÕ½¨¸´°æ±¾ £¬½¨Ò鹨ע¹Ù·½¸üС£


ÏÂÔØÁ´½Ó£ºhttps://github.com/OpenPrinting/cups/releases/


3.2 һʱ´ëÊ©


ÔÝÎÞ¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡ £¬Ï÷¼õϵͳ·ì϶ £¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£
¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔì £¬Åú¸Ä·À»ðǽսÊõ £¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ £¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø £¬Ï÷¼õ¹¥»÷Ãæ¡£
ʹÓÃÆóÒµ¼¶°²È«²úÆ· £¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£
¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí £¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò £¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏÞ¶È¡£
ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£


3.4 ²Î¿¼Á´½Ó


https://nvd.nist.gov/vuln/detail/CVE-2026-34990/
https://github.com/OpenPrinting/cups/security/advisories/GHSA-c54j-2vqw-wpwp