kernel-4.18.0-425.13.1.el8_7
エラータID: AXSA:2023-5190:06
リリース日:
2023/03/01 Wednesday - 09:55
題名:
kernel-4.18.0-425.13.1.el8_7
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Intel 社製の iSMT SMBus ホストコントローラーのドライバには、
メモリ領域の範囲外読み取りの問題があるため、ローカルの攻撃者に
より、ioctl(2) を用いた I2C_SMBUS_BLOCK_DATA への細工した
データの入力を介して、カーネルパニックの発生を可能とする脆弱性
が存在します。(CVE-2022-2873)
- mm/mremap.c で実装されている処理には、rmap 走査処理と
mremap(2) システムコール間の競合状態の発生に起因する古い TLB を
介したメモリ解放後利用の問題があるため、ローカルの攻撃者により、
特権昇格やカーネルパニックの発生を可能とする脆弱性が存在します。
(CVE-2022-41222)
- NFS の実装には、バッファオーバーフローの問題があるため、
リモートの攻撃者により、メッセージの末尾に不要なデータを追加する
形で細工した RPC メッセージの送信を介して、サービス拒否攻撃など
を可能とする脆弱性が存在します。(CVE-2022-43945)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-2873
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
CVE-2022-41222
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
CVE-2022-43945
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
追加情報:
N/A
ダウンロード:
SRPMS
- kernel-4.18.0-425.13.1.el8_7.src.rpm
MD5: 3fbe88e397c7490e66ac38f839e81333
SHA-256: 70813b5730ccd5a241d19e32581c6632430ffac4ef8d988a48256e50cd6e7b66
Size: 126.59 MB
Asianux Server 8 for x86_64
- bpftool-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 9119342e720a9aaf97e6e757d4ff3773
SHA-256: 69a55acef00709ff98f914c5c685598a3f992fcfab6694a6c321db2114611c15
Size: 9.59 MB - kernel-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: e72c697ecb3b0ef10b9daade467ae6c9
SHA-256: f9096ee35a7737fadc944233d4cdb4395bd1bbe4c454092f836147f02c24760d
Size: 8.85 MB - kernel-abi-stablelists-4.18.0-425.13.1.el8_7.noarch.rpm
MD5: f63de8b44a40a47bee25f555ca4fdf1e
SHA-256: 5b2b6e7c56c3499391a4754d0968c23c97972646702458168a50544981812dd4
Size: 8.86 MB - kernel-core-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 32ca80ca524e95d15c26927e65673091
SHA-256: e706687017a2b5640112809d00a9b2333e0f88917de4bac8c8a447eee99fe65c
Size: 40.88 MB - kernel-cross-headers-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: ff747f1b6b4de8dc8f739ec60789fcdf
SHA-256: 62769f5afadc1884b3ca46fc83831d6785444a26c9851dd028fc3a6fa565828f
Size: 14.09 MB - kernel-debug-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 3b24f33e74eef45fdcf77aaaef8cf1aa
SHA-256: 0af01114c0091a55262a0a8f160289ab5a27170505d291122e713fa77c664dd9
Size: 8.85 MB - kernel-debug-core-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: f52a35056812bcda2e580617feaad070
SHA-256: 1bb65f6144c86f807ab5063bf1f35cef3c217a562e339ffb385bc527969c9857
Size: 69.47 MB - kernel-debug-devel-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 1b4094f031ef363b4c4abaf5ddd584b7
SHA-256: dfa57067374d47e6b5d26cfbdc8b268fef857ee0f989ebf740bcf75fbddf9148
Size: 22.44 MB - kernel-debug-modules-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 2f8c088d34b7ae428c7b09126fd4b503
SHA-256: 08171532cdfda0abf1b2cd53096449faf73f94b38b0f2a22f5a54ef237f390da
Size: 61.10 MB - kernel-debug-modules-extra-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 2c3192d903ba73614096eb6f82424249
SHA-256: c9deabe8a6c6a173ded52971b04f3cf727f71a694c6870c4d630ba5288a64a74
Size: 10.21 MB - kernel-devel-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: f5d0aaee5f2a6f37b5493ddec06ec9ec
SHA-256: e6eb5171a02720788f55f78be41d45a44e99aba5e53e5b989057e5120dfb58df
Size: 22.24 MB - kernel-doc-4.18.0-425.13.1.el8_7.noarch.rpm
MD5: 7ad5759592436991032290cb6b3e1eb1
SHA-256: 9d322da5dd1237f41c51ff620c3a269df09e982c6408dc2603ff652b75a5b460
Size: 26.47 MB - kernel-headers-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: b1fcf7b2c72935dc3db688bb966fce98
SHA-256: aad23ee0fcf73476cf2d82d6c2c36788287b49a3b71ff9d4c2b19041749d5db8
Size: 10.17 MB - kernel-modules-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 61ce8c698fafc9e6738d6f9bac677154
SHA-256: a221349b3c484aa8dd1b625449d87c0526801d972666c42f90f97c4650a13152
Size: 33.21 MB - kernel-modules-extra-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 359ffaf96496b95586bcffd16ae0bbbf
SHA-256: fa450eff7bec4a704724614306f94c2c3c4ca09d878286c35a18c6049e159ff1
Size: 9.52 MB - kernel-tools-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: ed054297520089fd928c5a3c35477f85
SHA-256: 3bc43871a9c6531555778af41627b032c6ab55353b576738574f2c1b0bb776a6
Size: 9.06 MB - kernel-tools-libs-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 66c9e6bcce44c4aa9665d6b44cc8f403
SHA-256: 18d76c6540b332706b5eb6dbe293c476499590f050cd75ade5e092b7fef9f170
Size: 8.85 MB - kernel-tools-libs-devel-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 627e154ab0a3195897d5b45f82f5a3c1
SHA-256: 93203c744387bdebeaded60f29119d3c32f47592d729c136daff01d36d1e4daa
Size: 8.85 MB - perf-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 667f199c3986b6cd1601e57942ca052b
SHA-256: 6e5b48ad6ef0a844f2ac4b97d02e7aa3e7abf7eaa6b0c158dc5f404a6bf010f8
Size: 11.18 MB - python3-perf-4.18.0-425.13.1.el8_7.x86_64.rpm
MD5: 019222eda763576ef2d88fd7fa4694a0
SHA-256: e0814ca9f5f58b92ceda7c6c01ddef1cb89277593e0b642744ba66e2b2e7b0c1
Size: 8.97 MB