systemd-239-45.el8
エラータID: AXSA:2021-2177:05
リリース日:
2021/07/09 Friday - 07:45
題名:
systemd-239-45.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- systemd の pam_systemd には、環境変数の XDG_SEAT をサニタイズ
せずに使用する問題があるため、一部の特定の構成において、攻撃者に
より環境変数の XDG_SEAT を介して、polkit ポリシーに対して
"allow_any" ではなく "allow_active" を使用してコマンドがチェックされる
ことを可能とする脆弱性が存在します。(CVE-2019-3842)
- systemd には、10 進数または 0x から始まる 16 進数など、数値の
ユーザー名を誤って処理する問題があるため、ローカルの攻撃者により、
特権昇格が可能となる脆弱性が存在します。(CVE-2020-13776)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-3842
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any".
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any".
CVE-2020-13776
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
追加情報:
N/A
ダウンロード:
SRPMS
- systemd-239-45.el8.src.rpm
MD5: 63967d9dbf92b27403ad6b5aacfd22e6
SHA-256: 600c43db71854d1f37a32a88dbdb30b3954ee629c4a0fcdc02dac60464b69855
Size: 7.67 MB
Asianux Server 8 for x86_64
- systemd-239-45.el8.x86_64.rpm
MD5: 117b88b17173bdd9d3178f321314d72c
SHA-256: f7f4f208ed0808b47bc99a2760e8aec03988be483fe7f9b27c5126462455e275
Size: 3.56 MB - systemd-container-239-45.el8.x86_64.rpm
MD5: 7425aac12785eff7d41fdcf96842c74f
SHA-256: 92d71bac682f2b19f50be87f66b1eac65d1119c1b761dcdae5ad61e27b8adfa0
Size: 741.96 kB - systemd-devel-239-45.el8.x86_64.rpm
MD5: d2ca3a345d75577aa39d56538fc26de8
SHA-256: ab25edc73094c14213ff971b775d33929b5492778b1acb61e011cf87267357d9
Size: 378.24 kB - systemd-journal-remote-239-45.el8.x86_64.rpm
MD5: 33c8bc9b38ed623fae26fd61ef5aa32c
SHA-256: c2ec6ee0ace1c2aa25a75afe2898e1ecf41f266dab0a41e5dbb1a7e8024cfe90
Size: 176.69 kB - systemd-libs-239-45.el8.x86_64.rpm
MD5: d89a37cd938fbdb393a5b40868b2bd3d
SHA-256: b5e69c2b45b811bfd5e8d4659611423f55e83d8467bd2840d9a1503044b2ae11
Size: 1.08 MB - systemd-pam-239-45.el8.x86_64.rpm
MD5: e9c08ab3ca1e542a941e305e985d4ddf
SHA-256: 13f05ccb995e1ae007352604cf8f7c7e524f3bf0c08a31fe575ce07a3669186a
Size: 467.55 kB - systemd-tests-239-45.el8.x86_64.rpm
MD5: 3c9ac65adacfe44e3c75cc54f013c2a5
SHA-256: 871f63bdd51e85999e85f652dd5bdca7e6b390cc8b930f3194a1c4aa5fe8b2fc
Size: 5.22 MB - systemd-udev-239-45.el8.x86_64.rpm
MD5: 8fe8627b23ebef3c93c00936ddc4cac3
SHA-256: 4c5ee6be956b5b68307521aec4306af29fdbc9799cf5992ecd1a6ab5dd229597
Size: 1.37 MB - systemd-239-45.el8.i686.rpm
MD5: 9815b59682101e3c12468cce97de7269
SHA-256: a431957d33f4c0abbf3506c29d370aac42db85cf3818a2963a09c9fd4a91f399
Size: 3.67 MB - systemd-container-239-45.el8.i686.rpm
MD5: 6cb6720545354a8328cd6922736c27da
SHA-256: 65e62152272521672d0ec01eacc984a0e7fbe8651373c8dde2194f9196693211
Size: 777.07 kB - systemd-devel-239-45.el8.i686.rpm
MD5: a656a70eacbab1363507143afb983aa5
SHA-256: 46a826a2e37e561e2ab548f41aac3d53d99cdcf80f5f075d56b3600718839e88
Size: 378.23 kB - systemd-libs-239-45.el8.i686.rpm
MD5: dcce30e2b9e3a7ca2790a9b25c43a35e
SHA-256: c9ae25b6820e56bfcdb41603c69eae47ce54108e1ee3446a641a802f6377f122
Size: 1.14 MB
English