container-tools:1.0
エラータID: AXSA:2020-294:01
リリース日:
2020/09/07 Monday - 10:44
題名:
container-tools:1.0
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- container-tools の libslirp の tcp_subr.c の tcp_emu には、
EMU_IRC の IRC DCC コマンドで検証されているように、
メモリ管理に問題があり、DoS(サービス拒否)、あるいは任意のコードの実行を
引き起こす可能性のある、ヒープベースのオーバーフロー、あるいは
境界外アクセスを引き起こす脆弱性があります。(CVE-2020-7039)
一部 CVE の翻訳文は JVN からの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-7039
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
追加情報:
N/A
ダウンロード:
SRPMS
- buildah-1.5-6.gite94b4f9.module+el8+107+0a0df838.src.rpm
MD5: 37699804f266b1b71ef7bf1f17559fd0
SHA-256: c2eba477f73144c8edaaa0872ee179d3fafcd7204c236afb0daf2738085aec00
Size: 4.21 MB - containernetworking-plugins-0.7.4-4.git9ebe139.module+el8+107+0a0df838.src.rpm
MD5: 16468c232b7c6889e286766fd3364e23
SHA-256: 154dfd511f20c2dfacbfe8b6f060deed6e42fe83b12a329b88322998198b03ee
Size: 825.89 kB - container-selinux-2.94-1.git1e99f1d.module+el8+107+0a0df838.src.rpm
MD5: e237dd4cada43eb6d1d666cab7c63247
SHA-256: c971d157614eed7dab1163a62dd4ff962614b8bc38583347251fbb0a5b7308bb
Size: 37.08 kB - fuse-overlayfs-0.3-5.module+el8+107+0a0df838.src.rpm
MD5: 98f63d7d58966159e1646136cc3fceb2
SHA-256: 6d8fdf8cec5e9d9040674744bcf48045a5ae2c7f96191cd2cc1bf0fc01889f51
Size: 84.64 kB - oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8+107+0a0df838.src.rpm
MD5: 6f906cbd285c6fd1b7a0f08832776aeb
SHA-256: 45d7a3bc99605d684819bf9c79268b979ea8839fd56c61a8bf37dce2b4e55277
Size: 40.66 kB - oci-umount-2.3.4-2.git87f9237.module+el8+107+0a0df838.src.rpm
MD5: 0208f9328316747f4a31be6891863b1c
SHA-256: f87f657c664bf52ce47e05af675d3bcd607930b32b67733e8aceacca8aefe512
Size: 39.93 kB - podman-1.0.0-4.git921f98f.module+el8+107+0a0df838.src.rpm
MD5: 02ef9bbc0575388dcab97bc11fea3b4a
SHA-256: 7ae2e77cfee6de1bec15a5346f17a05bc2d4c5b401a64a7b46650eb148378dcb
Size: 17.11 MB - runc-1.0.0-56.rc5.dev.git2abd837.module+el8+107+0a0df838.src.rpm
MD5: 8a476fc3a4519517ee84949a1efecb70
SHA-256: 94c48cd0fc91451c7142cf42da8d5fbb65e6ab73be075bdeb237bf0feef84f9f
Size: 1.14 MB - skopeo-0.1.32-6.git1715c90.module+el8+107+0a0df838.src.rpm
MD5: 66923ba2b9e46e9afe99dc3e8a0279d9
SHA-256: 652e6e554a17dfca4042fe3a0881c531fc235c9f6409fa4f0cd9c14abdbcd65e
Size: 4.00 MB - slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8+107+0a0df838.src.rpm
MD5: aae545f23dc18544517c7746c3bc9fe8
SHA-256: f5a008d2d99ff864c2d387b7d7f16370b58472fec12ed3646257149a19a1c818
Size: 139.59 kB
Asianux Server 8 for x86_64
- buildah-1.5-6.gite94b4f9.module+el8+107+0a0df838.x86_64.rpm
MD5: bef8830e698b379594485fd6820d0886
SHA-256: 89aeca6ecc76e4416ea105bd107c56edc38ffc348be7cc28793594ad0c7e420c
Size: 5.74 MB - containernetworking-plugins-0.7.4-4.git9ebe139.module+el8+107+0a0df838.x86_64.rpm
MD5: c3e04ede8496d6ee460db7515149b548
SHA-256: ac36e84dd962d830981d5ac989f39c75cd44918c46b04655f9fd553bdf138019
Size: 14.57 MB - container-selinux-2.94-1.git1e99f1d.module+el8+107+0a0df838.noarch.rpm
MD5: d9c6e62a6fb70fd4d83a8ae0fed9d558
SHA-256: e461e6d6f556f1cc72a3edc8491eee44cd1c9715b78885552f42dcf5ee5e269e
Size: 41.95 kB - fuse-overlayfs-0.3-5.module+el8+107+0a0df838.x86_64.rpm
MD5: 86a07afebb4ad1959e68e9a37ad1e320
SHA-256: f1fef07f46437d6912c25a8e5351aee35e60980b2bfefebb4007ed64eea308c2
Size: 46.63 kB - oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8+107+0a0df838.x86_64.rpm
MD5: f56c3d8d2e4cfa8fdeb6066c68d80024
SHA-256: 4da2ab9607ec9711a49895e6db37dfdc48356cdfa168b9a23185920986496c48
Size: 38.15 kB - oci-umount-2.3.4-2.git87f9237.module+el8+107+0a0df838.x86_64.rpm
MD5: 39a1af74cd2ce96a0b7529a16020b7d6
SHA-256: afd79cdf46b1059b0815c7f4302edc4cf3918acc63d65475407fb8bd87ec26b8
Size: 36.94 kB - podman-1.0.0-4.git921f98f.module+el8+107+0a0df838.x86_64.rpm
MD5: 3d1c34125500eb48e92ccf576009fd4b
SHA-256: fa6ece0f79b4921b4d17f32134933ba299277aa74a9f541e0c38753c4ef66efc
Size: 9.72 MB - podman-docker-1.0.0-4.git921f98f.module+el8+107+0a0df838.noarch.rpm
MD5: 4c549c710912a41a0b167928218867d5
SHA-256: d707800a9506e65cee6e7011ef6365850344b5a9fe0b73a23c9fe738808d913e
Size: 27.22 kB - runc-1.0.0-56.rc5.dev.git2abd837.module+el8+107+0a0df838.x86_64.rpm
MD5: ccf88c10af6d28382a1f916adb468e69
SHA-256: 0e36122e5fa237b24a99688926265223e7ee981ac7af5b21960b3ad6ef20d9ab
Size: 2.50 MB - containers-common-0.1.32-6.git1715c90.module+el8+107+0a0df838.x86_64.rpm
MD5: f042651d757ae52d6d84e374830a7274
SHA-256: 544ca0e4d7fe46ae0406bbe56ad87751f19960585e4a8716c7ddf3aa840e95e7
Size: 30.37 kB - skopeo-0.1.32-6.git1715c90.module+el8+107+0a0df838.x86_64.rpm
MD5: 4ccc09272b1b1ca1fc942a71787f4ee1
SHA-256: e466c48fa4326c518cbe3c7a4dede92ab7bba5861138bad2fdacca99ae2f5991
Size: 5.24 MB - slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8+107+0a0df838.x86_64.rpm
MD5: cead4cf7609cb394459ac0af5ace15d5
SHA-256: dca09386c5cccfee6da40719e149741c72a2451f638b6bc705bdcde99977f057
Size: 53.72 kB