Part 2/6:

As the community eagerly awaited Simone's disclosure, a few details began to emerge. First, an argument on the Open Printing CUPS browser issue list on GitHub hinted at the nature of the vulnerability. Then, the entire disclosure document was unfortunately leaked, providing a comprehensive overview of the issue.

The vulnerability, as outlined in the leaked document, primarily affects four components of the Linux printing system: CUPS browse D, lib cup filters, lib PPD, and CUPS filters. The entry point for the attack is the CUPS browse D daemon, which listens on UDP port 361 and, by default, trusts any packet that advertises itself as a printer.