Simone Margaritelli, known as @evilsocket on Twitter, discovered and disclosed a set of vulnerabilities affecting almost all Linux distributions, primarily related to the Common UNIX Printing System (CUPS). Initially intended for public release on September 30th, the disclosure was expedited to September 26th due to a suspected leak, with vulnerabilities identified as CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177. These vulnerabilities involve issues like unfiltered parameter injection and arbitrary code execution, particularly in components like cups-browsed and foomatic-rip, allowing unauthenticated remote code execution when chained together. Although rated critically by some, the severity was reassessed by Red Hat to a lower score due to mitigating factors such as the requirement for a print job to trigger the exploit. To mitigate these vulnerabilities without upgrading, users can disable the cups-browsed service and block traffic on UDP port 631. Major Linux distributions have already released patches to address these issues, highlighting a design flaw in the IPP protocol that persists due to compatibility concerns.