systemd-219-62.el7.5
エラータID: AXSA:2019-3771:02
リリース日:
2019/04/03 Wednesday - 11:16
題名:
systemd-219-62.el7.5
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- systemdには、認証されていないローカルユーザーが特別に細工された
メッセージを PID1 に送り、スタックポインタがマップされていないメモリ領域を指し
たままスタックガードページを越え、サービス拒否攻撃(PID1 である systemd の
クラッシュとカーネルパニック)を引き起こしてしまうことが可能な脆弱性があります。
(CVE-2019-6454)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
Update packages.
CVE:
CVE-2019-6454
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
追加情報:
N/A
ダウンロード:
SRPMS
- systemd-219-62.el7.5.src.rpm
MD5: ab05e1dfaec3bf61e80ec7b82cba5c22
SHA-256: 9bfd01d7ff9b7060eb9b1b9c3aa72190f2f597bbf5afbabbb850525bc8eaa57b
Size: 5.53 MB
Asianux Server 7 for x86_64
- libgudev1-219-62.el7.5.x86_64.rpm
MD5: d4c2dbe4a9947c9a43a706779d1b7788
SHA-256: d421c7467a888c915f96b00033d14d248c2038733a7b6de2192a3bc66895f0db
Size: 95.29 kB - libgudev1-devel-219-62.el7.5.x86_64.rpm
MD5: a22b95a719ac8a584f7ff08c6ff250f8
SHA-256: c76b67e691b0dbf9f5937ed4804440f0677ef3a73109fd5f776b9c623ac99747
Size: 108.59 kB - systemd-219-62.el7.5.x86_64.rpm
MD5: eed83a3660e6e1553ffee2645ed0aafa
SHA-256: b18e36cc2ebde13a7a95f9d66c08eec0c63490405de874cac28f5efa087ef622
Size: 5.05 MB - systemd-devel-219-62.el7.5.x86_64.rpm
MD5: e320c16bd6593cef36da25dbea8f05fd
SHA-256: 29c6a501d52df4217a8aeddb2c263fb00736ecea10dbf9d7c928bc7d57aaef07
Size: 198.66 kB - systemd-libs-219-62.el7.5.x86_64.rpm
MD5: fe53f3dcba82c9caa13914f05ef553df
SHA-256: ab94963acff5b2ec9e81adde0239c490e7819f6d7b25dfc0281c4d725647f02e
Size: 405.81 kB - systemd-python-219-62.el7.5.x86_64.rpm
MD5: c777b60d044cbc6dcbbdcb1b897bd0d3
SHA-256: 9962976207ac6f8cf961d23c4449c781d49355ecf94047e8f0162a517f35d542
Size: 131.50 kB - systemd-sysv-219-62.el7.5.x86_64.rpm
MD5: 2cde505e5b4773e067d0ec9e8b56a027
SHA-256: f43c41ee4e0abaedd6b8d6ef9f32e108ecdf78ae295a767d08f5fef89b7793cd
Size: 82.64 kB - libgudev1-219-62.el7.5.i686.rpm
MD5: 8f2925087bc3911772a9c504a45da7e6
SHA-256: 700ab0cb9363559167519343f8bc5e19647e8ab29354f87c2467416e43ef8658
Size: 95.01 kB - libgudev1-devel-219-62.el7.5.i686.rpm
MD5: 6eacbe2bb1281c816bf711485dee7aab
SHA-256: 34bd1e20f3cc16b3c46e138e1610755fc9d2e8431abeccc2018bcb2327bbe3f8
Size: 108.63 kB - systemd-devel-219-62.el7.5.i686.rpm
MD5: 140ff91de681987b55eea05b9ee00c5f
SHA-256: 3594665f6342d759a530c8da2a20be6b9b97e9e6fb8ae8ac1ee127a3bb48fa27
Size: 198.67 kB - systemd-libs-219-62.el7.5.i686.rpm
MD5: e429757d273747f18fec5731178bacdc
SHA-256: 4de2ba421abfe1012e47e4518d484910dbeeedc637703eba85249eed1bd63098
Size: 412.43 kB