kernel-5.14.0-70.17.1.el9_0
エラータID: AXSA:2022-4112:17
リリース日:
2022/11/22 Tuesday - 05:09
題名:
kernel-5.14.0-70.17.1.el9_0
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- net/ipv4/tcp.c のソースポート番号の選択アルゴリズムには、ソースポート
番号の選択に利用する乱数表のサイズが小さすぎることに起因してメモリ
リークする問題があるため、リモートの攻撃者により、情報漏洩やサービス
拒否攻撃を可能とする脆弱性が存在します。(CVE-2022-1012)
- パフォーマンスイベント (perf) 機能には、解放後利用の問題があるため、
ローカルの攻撃者により、perf_event_open() 関数を用いてパフォーマンス
監視を設定する際に競合状態を誘発することを介して、サービス拒否
(システムクラッシュ) 状態にすることが可能となる脆弱性が存在します。
(CVE-2022-1729)
- Netfilter サブシステムの net/netfilter/nf_tables_api.c には、解放後利用
の問題があるため、ローカルの攻撃者により、特権昇格が可能となる
脆弱性が存在します。(CVE-2022-1966)
- net/ipv4/esp4.c および net/ipv6/esp6.c の IPsec ESP 変換コードには、
ヒープバッファオーバーフローの問題があるため、ローカルの攻撃者に
より、カーネルのヒープオブジェクトの上書きを介して、特権昇格が
可能となる脆弱性が存在します。(CVE-2022-27666)
- Netfilter サブシステムの net/netfilter/nf_tables_api.c には、解放後利用
の問題があるため、ローカルの攻撃者により、特権昇格が可能となる
脆弱性が存在します。 (CVE-2022-32250)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-1012
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
CVE-2022-1729
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
CVE-2022-1966
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2022-27666
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
CVE-2022-32250
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
追加情報:
N/A
ダウンロード:
SRPMS
- kernel-5.14.0-70.17.1.el9_0.src.rpm
MD5: 2b61f599fc75f715832c432b972005a0
SHA-256: 3d34526a002b89e5376080e57b7ef0b402cb0b5c545636ef0fbe9bd8fd984769
Size: 127.01 MB
Asianux Server 9 for x86_64
- bpftool-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: fe2ea78a2d7f3979913ed9ca6b9d2698
SHA-256: e41bc167b47c6ccb27ed08734fdd5fdf3e7101b8e2b4af9b49e0228b997b430a
Size: 1.29 MB - kernel-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 5fccb7aafc6393fdc75f52e4f27b1b5a
SHA-256: 440fc9eaa7dd953c4fa70961a8e297f15f8d5c8bb7f1d02659c8245158a3e1a5
Size: 589.96 kB - kernel-abi-stablelists-5.14.0-70.17.1.el9_0.noarch.rpm
MD5: 5f75733452ddf1cedccca4e986a25779
SHA-256: ea58ba0ffa0b1293aa350635b6787bbcd533aff744682754daf113692f4d3590
Size: 591.29 kB - kernel-core-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: f334cbfb4f871fbe2fe4db1f75838744
SHA-256: 1a8a1c09ec9b50c3a6164582021d44408ab325a1fed4081ceb085345bf699704
Size: 33.76 MB - kernel-cross-headers-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: f436226fe51ba93ad10b0cf432aafc16
SHA-256: 77d6497e2431f14812dd677b08d12a88fbae1121f9eab55b9b8e310f45a1d8fa
Size: 5.96 MB - kernel-debug-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 880e5d180d8eecc0065292b142802e19
SHA-256: f86a4481e0d81783fe7a21dfb891091b94cef9a955bf5ab4560aa8c40e9de136
Size: 590.07 kB - kernel-debug-core-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 52b6cb85861cb3a827acd756a4f1f418
SHA-256: 1f388d2b017f769531e0ce7a82666a8c94b76ebee244aa9d6d425345dad7bc4a
Size: 58.55 MB - kernel-debug-devel-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: b358242f2ec027a2f866dafc34b3add4
SHA-256: 2c9bcbfc7def591564a808c65c53702bda2bb3c48928cb7dc94a456f55e4691e
Size: 15.15 MB - kernel-debug-devel-matched-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: a638adec54a2e962c3cca4cd985ba393
SHA-256: c35f3ff3e4face42e94a7f6f4ba68500e16b4b04962cf3c9d1973a9196a9a835
Size: 590.12 kB - kernel-debug-modules-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: f27aea9791c9a4a781ef7ca3e342342f
SHA-256: a0f3e77a474538797b9abae781fbb492e03c72b17d077b6042d1c3ec2e492bee
Size: 40.79 MB - kernel-debug-modules-extra-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 33ba7d05de06f16ba9837627d9ff764f
SHA-256: 9f949642ac43df4253ea41ed66bb5e3254d4b166e27784b524fa858a128f2111
Size: 1.28 MB - kernel-devel-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 0ba016fe3fc8fb6ad56375bfaa247c8d
SHA-256: 33a4356abe8cfea2a4181f65ab790b745eba143067f52b28bc3474125a9a76f9
Size: 15.03 MB - kernel-devel-matched-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: efd6fb276b888ce677b411e3a0314255
SHA-256: 951b432fba0969bdbc278d89d5748cbe350706feb85bfb4965620403fe62da8b
Size: 590.09 kB - kernel-doc-5.14.0-70.17.1.el9_0.noarch.rpm
MD5: cb0c1249f309a48ec1cb50a68b26cd25
SHA-256: 323250dd81d154a55957aa43c1dac61f47aea96b76c5db32eacb07cc57e67a24
Size: 28.52 MB - kernel-headers-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 9c4534d2021d5931df753919fb02d3d5
SHA-256: e3718adc1e6da8bb351b1b236a3653e3a3c35ccc295064725f1bb29fceb45d13
Size: 1.94 MB - kernel-modules-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 6c8ed3b699ce98aeedecbfe86a9a4804
SHA-256: 83482e6fb9ba156e5ac30f63028a893e0125bfa0da951dd546ee3ea072a19d7c
Size: 21.07 MB - kernel-modules-extra-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 0708471c106dc27e337da90d75350b18
SHA-256: 05a2f46bd04246969bd8e0a70246ec0bddefcd3917bf5d20d99c9114df469748
Size: 957.45 kB - kernel-tools-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 62dbdf35716fb7844e949b4d93a99b7c
SHA-256: 6ad0fc514b4027aae47990ab57587554ebb543ea878a95a22bcdb1038d0db158
Size: 810.45 kB - kernel-tools-libs-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 9607579b37addc3cf3220caac1e1c175
SHA-256: a5b391d76b87460f963cf5d1df7cb77c3ff32874adb1e53fd1b7705cca62d65b
Size: 599.84 kB - kernel-tools-libs-devel-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 98885832bd2475ad0f4777dcb3f191e8
SHA-256: 38f1158ac28d4c4a617837a03f0b06679fcdc185f4dc3022ac352d20a51242e6
Size: 592.38 kB - perf-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: d1fee76da8cfb784ebf2feeec4d0e07b
SHA-256: e47beeb97617902607429a4071a33c0214f9ef87ce3cc94c701dc0173ac61016
Size: 2.86 MB - python3-perf-5.14.0-70.17.1.el9_0.x86_64.rpm
MD5: 7149942791c4170f7ee8c59e9cb6e5e2
SHA-256: da348a75cabfe794d46bf49d529eae0f6d4d7f929fea3f9cc13738586a3da7f3
Size: 719.49 kB
English