kernel-4.18.0-305.12.1.el8_4
エラータID: AXSA:2021-2359:18
リリース日:
2021/08/13 Friday - 11:35
題名:
kernel-4.18.0-305.12.1.el8_4
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- KVM には、VM_IO|VM_PFNMAP vmas の不適切な処理により読み込み専用チェッ
クをバイパスし、VMM とゲストがアクセス可能な状態でページが解放される問
題があるため、VM を起動および制御可能なユーザーにより、メモリのランダ
ムなページを読み書きを介して、特権昇格が可能となる脆弱性が存在します。
(CVE-2021-22543)
- net/netfilter/x_tables.c には、ヒープの範囲外書き込みの問題があるた
め、ローカルの攻撃者により、ユーザー名前空間の中でのヒープメモリ領域の
破壊を介して、特権昇格、およびサービス拒否状態にすることが可能となる脆
弱性が存在します。(CVE-2021-22555)
- CAN BCM ネットワークプロトコルには、ローカルの攻撃者により、CAN サブ
システムの欠陥を介して、メモリ領域の破壊、システムクラッシュ、特権昇格
が可能となる脆弱性が存在します。(CVE-2021-3609)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-22543
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2021-3609
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
追加情報:
N/A
ダウンロード:
SRPMS
- kernel-4.18.0-305.12.1.el8_4.src.rpm
MD5: 85070a48e3f8205560d3c68b335195e3
SHA-256: efd24e47ec915e2b9fe5274bb63999be7234c112bb8b1e00993f6b70f0ca9e16
Size: 117.30 MB
Asianux Server 8 for x86_64
- bpftool-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: ddcd9e4088ea8efe589b79a38db05c1b
SHA-256: 9f6cc63151ecd58c6a81413e6ee83d0a826687b5227b1f5242d1ffd65e29372e
Size: 6.57 MB - kernel-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 6f12865cd14decc676264ecfbee6e4c3
SHA-256: a26b4baa159c530e5551d4f0ae8f1ea3a33fe1a11aece0675dc38875a381eb27
Size: 5.89 MB - kernel-abi-stablelists-4.18.0-305.12.1.el8_4.noarch.rpm
MD5: b5abbe4d529ac2a3e4d8ff7d9d4a10ce
SHA-256: 607206acd4663ce71a597f699def5a0645856d754d197b2e2780f859542ae00f
Size: 5.90 MB - kernel-core-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: c4dfc60d975f150408bf477af6c3a683
SHA-256: 43d31e7ca778da11efa2b3d3bb8bc818071f929ca1141cc539c9f00f048278c2
Size: 35.84 MB - kernel-cross-headers-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 1bc803d9bf8c4deede4abbc78a5aca54
SHA-256: 76ed2d8cde9b3a24539a0e39e9ffc38d005bafffb231285e314fce6e2889c9c5
Size: 10.84 MB - kernel-debug-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: b5c270a3024cd82f714c133826aec5a1
SHA-256: a0229a9151ed69786eda0dedae94801d14b4e7656eb8df2946cad4b55d793bfe
Size: 5.89 MB - kernel-debug-core-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 8dd79cffb292a30d1c9770a9996854fa
SHA-256: a844811f09de1866ce0282edb748aad0d841d0803eccfed0ee00cc708093da32
Size: 62.85 MB - kernel-debug-devel-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 62c7ae4cd0e1b1575eb8433ca95e2e45
SHA-256: bfd85fe8967e7b17723e9e889a49f326c5f8963e35b5976b6a3153f11ec50ad7
Size: 18.59 MB - kernel-debug-modules-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: feb6a271d417b1e576407bfcf10ed5a9
SHA-256: 7807eba84b4c4f34ae1d3a44eef8fb662c06ae5c7d7165727fef82cd9bb1dcf9
Size: 53.55 MB - kernel-debug-modules-extra-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 57edddadbe7e1e854f615118ea148d8f
SHA-256: 705037e842427c7b1e936d34dafd416b96b66d85c95c7228c0d898b12d3ca724
Size: 7.24 MB - kernel-devel-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: bd5745f98346af6141a99209ec45c9ae
SHA-256: a098115cec28e1c52744bb7876b688183e38b86e6f229cde299957ace89071fe
Size: 18.40 MB - kernel-doc-4.18.0-305.12.1.el8_4.noarch.rpm
MD5: 2cb11f5ad1e555b3a1b287436a971bdd
SHA-256: 5621af87a9485684a0714eedcd1f71462bc707c0178969df0aa1298d24800fbc
Size: 22.60 MB - kernel-headers-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: b4c9b02c25676234544b38eb53469af7
SHA-256: 6263d50fd722703e34bd890d17b999b01dc3226e2b3e4ded5c28340cdc218904
Size: 7.14 MB - kernel-modules-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 074d929aadf454f3d59a7a6576b779ea
SHA-256: f0dd6612dbee40e877e2cba624566473aa73f1ae891ede48f33933ac6887e571
Size: 28.09 MB - kernel-modules-extra-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 63a7fdecc6b4277cf92ff46e81ec3303
SHA-256: 913965e4a5680064ee543def4acc6afd3bb3a309a9878e57aa40eff34173cc04
Size: 6.55 MB - kernel-tools-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 586fc31362bdc9d6fd841d225a3c35e3
SHA-256: c59aaacfbf197d16db64a4e72cef8b674549c4e309f2abbc072c1ffac67e1450
Size: 6.09 MB - kernel-tools-libs-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 77de613a32f5f1bdd8d6f0ededc19835
SHA-256: b8f8b77ad648ad48b90c6f9825c3e337287da42600f43f6212961bba21c9ca0b
Size: 5.89 MB - perf-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 002e76a3f2292230b7a63ef82e5465c9
SHA-256: a446c82efd7e09b45a819016d35d554ab50825a91c9960fc169585d72f05c413
Size: 8.11 MB - python3-perf-4.18.0-305.12.1.el8_4.x86_64.rpm
MD5: 092b941c05eb1d4d2166fa8d4ff3b138
SHA-256: 80478f6d607ece901739c8093ef365c31c2dc341fa386138afa15ee1f98dc04b
Size: 6.00 MB
English