sysstat-12.5.4-5.el9

Errata ID: AXSA:2023-5796:03

Release date: 
Friday, June 2, 2023 - 13:10
Subject: 
sysstat-12.5.4-5.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity.

Security Fix(es):

* sysstat: arithmetic overflow in allocate_structures() on 32 bit systems (CVE-2022-39377)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-39377
sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.
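The class of bug described above, as an added example that is not sysstat's own code: a product of an item size and two counts computed in a 32-bit `size_t` wraps, so the allocation is far smaller than the data later written into it. The type `size32_t`, the function names and the sample values are hypothetical and constructed for illustration; `size32_t` models a 32-bit `size_t` so the wraparound reproduces on a 64-bit host.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for size_t on a 32-bit system. */
typedef uint32_t size32_t;

/* Unchecked product: silently wraps modulo 2^32. */
size32_t unchecked_size(size32_t item_size, size32_t n_items, size32_t n_sub)
{
    return item_size * n_items * n_sub;
}

/* Checked product: widen to 64 bits and reject anything that does not
 * fit back into 32 bits. Each partial product is bounded, so the 64-bit
 * intermediate itself cannot overflow. */
bool checked_size(size32_t item_size, size32_t n_items, size32_t n_sub,
                  size32_t *out)
{
    uint64_t total = (uint64_t)item_size * n_items;
    if (total > UINT32_MAX)
        return false;
    total *= n_sub;
    if (total > UINT32_MAX)
        return false;
    *out = (size32_t)total;
    return true;
}

/* Allocate only when the requested size is representable and non-zero. */
void *alloc_activity_buffer(size32_t item_size, size32_t n_items, size32_t n_sub)
{
    size32_t bytes;
    if (!checked_size(item_size, n_items, n_sub, &bytes) || bytes == 0)
        return NULL;
    return calloc(1, bytes);
}

int main(void)
{
    /* Constructed input: 64 * 0x04000001 = 0x100000040, which wraps to 0x40. */
    size32_t wrapped = unchecked_size(64, 0x04000001u, 1);
    printf("unchecked size: %u bytes\n", (unsigned)wrapped);
    void *p = alloc_activity_buffer(64, 0x04000001u, 1);
    printf("checked allocation: %s\n", p ? "granted" : "refused");
    free(p);
    return 0;
}
```
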

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. sysstat-12.5.4-5.el9.src.rpm
    MD5: aa3a42f54cff2b036dc15763678f892a
    SHA-256: 977a8f856102b43aeb9b8e3a3178516288eae7e54e97412d48827f48e45e2016
    Size: 1.32 MB

Asianux Server 9 for x86_64
  1. sysstat-12.5.4-5.el9.x86_64.rpm
    MD5: a43665ea7f0a40d678c7868dfd314d23
    SHA-256: 803b68f5a320cf1be77648c2a08212be3c48a8f1c3cd2569986409a4e8412944
    Size: 462.87 kB