systemd-239-74.el8.2
エラータID: AXSA:2023-6151:10
リリース日:
2023/06/28 Wednesday - 02:16
題名:
systemd-239-74.el8.2
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- systemd の systemctl コマンドには、権限の昇格を適切に制御できて
いない問題があるため、ローカルの攻撃者により、sudo コマンド用いた
systemctl コマンドの実行を介して、特権での任意のプログラムの実行
を可能とする脆弱性が存在します。(CVE-2023-26604)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-26604
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.
追加情報:
N/A
ダウンロード:
SRPMS
- systemd-239-74.el8.2.src.rpm
MD5: a43f5df32b51f804eb682ffd08f9cf54
SHA-256: 069cf146f5d18f53ab6810d6637a44d873a38d312b833b67aedc8cbfd7fff3da
Size: 8.60 MB
Asianux Server 8 for x86_64
- systemd-239-74.el8.2.i686.rpm
MD5: 51aa4f586818b3d3fa3bafdf702671d0
SHA-256: 1d2612efb8cc69c6a522e51949b5263dc397b87c23111ed3664b9c6ef11c1ddd
Size: 3.74 MB - systemd-239-74.el8.2.x86_64.rpm
MD5: e71b99288bcef076ab851e297fd09e0b
SHA-256: 39cf1eadeb20f685853aa351264da2fca0c52a3a1847f065925ced3e75d74276
Size: 3.63 MB - systemd-container-239-74.el8.2.i686.rpm
MD5: f79f23958aa3734e7421cbdc773ec82f
SHA-256: e9d9cbb4711d81eaaa70a2d6ab49981ecf11bcbe35eab363fd6f552625c46e48
Size: 807.30 kB - systemd-container-239-74.el8.2.x86_64.rpm
MD5: 876cd662925c50463f76c96f9a194c01
SHA-256: 9e82e22b12d9bbf5cb889d3f98226a3887106f1071d59fa620379ab41033c9db
Size: 771.88 kB - systemd-devel-239-74.el8.2.i686.rpm
MD5: 02ffd99f00494e3ce0196fe12b3d7fdf
SHA-256: 44b4c860117b903cb53c4fca2293e8eda3d5f9c5c4d86910d6b6572b981e060a
Size: 403.27 kB - systemd-devel-239-74.el8.2.x86_64.rpm
MD5: 573683415be0aba2528e3df02446bc61
SHA-256: 6f91ad15657a1ae31c0ac2e551dfb9cee79c4b36ed32caab946d4e0ae302b058
Size: 403.25 kB - systemd-journal-remote-239-74.el8.2.x86_64.rpm
MD5: aee5c7eab6881372b71756b7bc7f8e23
SHA-256: 56d5334120cecc3648356017278e9d6585a1946be806663bdb9d52d15b7582e9
Size: 201.50 kB - systemd-libs-239-74.el8.2.i686.rpm
MD5: be3e36732d034f91985a92e1bfa9006d
SHA-256: 83b76c4daf7749932be69319bb6e01dd912c9f0b60f4cdb0669defab7660cfd3
Size: 1.19 MB - systemd-libs-239-74.el8.2.x86_64.rpm
MD5: 7bc03c32e3c04c1f4b7cd4e09adfd064
SHA-256: bd904a8e30e5c9291ff10eb6200834f41a8d9ea8be2ea971a0e43f287d1d505f
Size: 1.13 MB - systemd-pam-239-74.el8.2.x86_64.rpm
MD5: 19c47d63b8737e482ec5c923507c7076
SHA-256: 71b78fd003ded551e074791bc357205c022cb7192c39f16e1c4a848543916162
Size: 503.71 kB - systemd-tests-239-74.el8.2.x86_64.rpm
MD5: 703ef9b40fdd4876eef4de1706d1431a
SHA-256: 34c9c7e9665c2fa94d34c6437e779cab13fff1293e1058e4608140a0db848b4e
Size: 5.45 MB - systemd-udev-239-74.el8.2.x86_64.rpm
MD5: 8801182b35dd3e3460da5bee47e7d3b4
SHA-256: be38b1f34c60ed8a8e98ee21169e6494501c3b7ed38f4c2e2eaf1db80ee1568e
Size: 1.58 MB