openssl-1.1.1k-7.el8
エラータID: AXSA:2022-3703:05
リリース日:
2022/08/16 Tuesday - 08:00
題名:
openssl-1.1.1k-7.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- openssh の c_rehash スクリプトには、シェルのメタ文字を
適切にサニタイズしていない問題があるため、攻撃者により
c_rehash スクリプトに付与された権限で任意のコマンドの
実行を可能とする脆弱性が存在します。(CVE-2022-1292)
- openssh の c_rehash スクリプトには、シェルのメタ文字を
適切にサニタイズしていない問題があるため、攻撃者により
c_rehash スクリプトに付与された権限で任意のコマンドの
実行を可能とする脆弱性が存在します。(CVE-2022-2068)
- AES-NI 命令を利用した 32 ビットの x86 プラットフォームに
おける openssl の AES OCB モードには、状況によってデータ
全体が暗号化されない問題があるため、攻撃者により書き込まれて
いないメモリ領域に存在していた 16 バイトのデータの読み取りを
可能とする脆弱性が存在します。(CVE-2022-2097)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
CVE-2022-2068
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
追加情報:
N/A
ダウンロード:
SRPMS
- openssl-1.1.1k-7.el8.src.rpm
MD5: 1020ff291a873ae9b77f934d14cfc80a
SHA-256: 84b73b0b8fabba5a4f3414955dafe5d2e0b36501da261392b2978898c35c741c
Size: 7.33 MB
Asianux Server 8 for x86_64
- openssl-1.1.1k-7.el8.x86_64.rpm
MD5: 4e3b10f5f952c821af08c55b07cb2d2d
SHA-256: b466bc6c3b395e9684db699aa93c2878c8fadb926af7d800860accdb06d9cf51
Size: 708.19 kB - openssl-devel-1.1.1k-7.el8.x86_64.rpm
MD5: 5724f895fc1f3ef37e210a1cc1fcd1bc
SHA-256: d0475c90587314dce8295251e49b215d853ed1d5f0a8e8d2afe5a1a19df05115
Size: 2.33 MB - openssl-libs-1.1.1k-7.el8.x86_64.rpm
MD5: 780ef6365144169ce1f2cd704f4d5085
SHA-256: 72dcfecbf405a428b66d3e851958330bbc9e460fea3280a6a11db00e34c247da
Size: 1.47 MB - openssl-perl-1.1.1k-7.el8.x86_64.rpm
MD5: 77738c0a9dbc8e571688b79065f606fa
SHA-256: a226304374f4122eb6f38be12dfb6cd6de35d1d36686084423b36750e5b3c262
Size: 81.28 kB - openssl-devel-1.1.1k-7.el8.i686.rpm
MD5: 7f407a41d03ffc7680c5b722140bad60
SHA-256: 074240541d224145ef14c8df29a11fb8c49a0d05993b0ada16363a5054f96649
Size: 2.33 MB - openssl-libs-1.1.1k-7.el8.i686.rpm
MD5: 7a3995d1063c43bfe11b0c5b6e0333ef
SHA-256: 10d782f94f9b64428783c340e9f7d81b24f39ae66ef88096e43ce26160f54039
Size: 1.48 MB
English