Linux 內核多個漏洞
發佈日期:
2022年03月11日
1593
觀看次數
風險: 中度風險
類型: 操作系統 - LINUX
於 Linux Kernel 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況,權限提升及繞過保安限制。
影響
- 阻斷服務
- 權限提升
- 繞過保安限制
受影響之系統或技術
- HPE Helion Openstack 8
- SUSE Linux Enterprise Desktop 15-SP3
- SUSE Linux Enterprise High Availability 12-SP3
- SUSE Linux Enterprise High Availability 15
- SUSE Linux Enterprise High Availability 15-SP3
- SUSE Linux Enterprise High Performance Computing
- SUSE Linux Enterprise High Performance Computing 12-SP3
- SUSE Linux Enterprise High Performance Computing 15
- SUSE Linux Enterprise High Performance Computing 15-ESPOS
- SUSE Linux Enterprise High Performance Computing 15-LTSS
- SUSE Linux Enterprise High Performance Computing 15-SP3
- SUSE Linux Enterprise Micro 5.0
- SUSE Linux Enterprise Micro 5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3
- SUSE Linux Enterprise Module for Development Tools 15-SP3
- SUSE Linux Enterprise Module for Legacy Software 15-SP3
- SUSE Linux Enterprise Module for Live Patching 15
- SUSE Linux Enterprise Module for Live Patching 15-SP3
- SUSE Linux Enterprise Module for Realtime 15-SP2
- SUSE Linux Enterprise Module for Realtime 15-SP3
- SUSE Linux Enterprise Real Time 15-SP2
- SUSE Linux Enterprise Real Time 15-SP3
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server 12-SP3
- SUSE Linux Enterprise Server 12-SP3-BCL
- SUSE Linux Enterprise Server 12-SP3-LTSS
- SUSE Linux Enterprise Server 12-SP4
- SUSE Linux Enterprise Server 12-SP5
- SUSE Linux Enterprise Server 15
- SUSE Linux Enterprise Server 15-LTSS
- SUSE Linux Enterprise Server 15-SP3
- SUSE Linux Enterprise Server for SAP 12-SP3
- SUSE Linux Enterprise Server for SAP 15
- SUSE Linux Enterprise Server for SAP Applications
- SUSE Linux Enterprise Server for SAP Applications 12-SP3
- SUSE Linux Enterprise Server for SAP Applications 12-SP4
- SUSE Linux Enterprise Server for SAP Applications 12-SP5
- SUSE Linux Enterprise Server for SAP Applications 15
- SUSE Linux Enterprise Server for SAP Applications 15-SP3
- SUSE Linux Enterprise Workstation Extension 15-SP3
- SUSE Manager Proxy 4.2
- SUSE Manager Server 4.2
- SUSE OpenStack Cloud 8
- SUSE OpenStack Cloud Crowbar 8
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
對於 SUSE
- 安裝供應商提供的修補程式:
- https://www.suse.com/support/update/announcement/2022/suse-su-20220760-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220762-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220763-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220764-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220765-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220766-1/
對於 RedHat
- 安裝供應商提供的修補程式:
漏洞識別碼
- CVE-2016-10905
- CVE-2021-0920
- CVE-2021-4028
- CVE-2021-4083
- CVE-2021-44879
- CVE-2021-45095
- CVE-2022-0001
- CVE-2022-0002
- CVE-2022-0330
- CVE-2022-0487
- CVE-2022-0492
- CVE-2022-0516
- CVE-2022-0617
- CVE-2022-0644
- CVE-2022-0847
- CVE-2022-22942
- CVE-2022-24448
- CVE-2022-24959
- CVE-2022-25375
資料來源
相關連結
- https://www.auscert.org.au/bulletins/ESB-2022.0998
- https://www.auscert.org.au/bulletins/ESB-2022.0999
- https://www.auscert.org.au/bulletins/ESB-2022.1000
- https://www.auscert.org.au/bulletins/ESB-2022.1001
- https://www.auscert.org.au/bulletins/ESB-2022.1002
- https://www.auscert.org.au/bulletins/ESB-2022.1005
- https://www.auscert.org.au/bulletins/ESB-2022.1012
- https://www.auscert.org.au/bulletins/ESB-2022.1016
- https://www.auscert.org.au/bulletins/ESB-2022.1017
- https://www.auscert.org.au/bulletins/ESB-2022.1021
- https://www.suse.com/support/update/announcement/2022/suse-su-20220760-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220762-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220763-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220764-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220765-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20220766-1/
- https://access.redhat.com/errata/RHSA-2022:0820
- https://access.redhat.com/errata/RHSA-2022:0822
- https://access.redhat.com/errata/RHSA-2022:0823
- https://access.redhat.com/errata/RHSA-2022:0831
分享至