kernel-5.14.0-362.13.1.el9_3
エラータID: AXSA:2024-7406:02
リリース日:
2024/01/17 Wednesday - 00:30
題名:
kernel-5.14.0-362.13.1.el9_3
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Common Internet File System (CIFS) の smb2_is_status_io_timeout()
関数には、メモリ領域の解放後利用の問題があるため、リモートの
攻撃者により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2023-1192)
- AMD 社製の一部のプロセッサには、リターンアドレスの予測を可能と
するサイドチャネル攻撃の問題があるため、ローカルの攻撃者により、
情報の漏洩を可能とする脆弱性が存在します。(CVE-2023-20569)
- IGB ドライバの drivers/net/ethernet/intel/igb/igb_main.c
には、バッファーオーバーフローの問題があるため、リモートの
攻撃者により、MTU の値を超えるパケットの受信を介して、サービス
拒否攻撃を可能とする脆弱性が存在します。(CVE-2023-45871)
- SMB クライアントコンポーネントの smb3_fs_context_parse_param()
関数には、メモリ領域の解放後利用の問題があるため、ローカルの
攻撃者により、特権昇格、およびサービス拒否攻撃 (クラッシュの
発生) を可能とする脆弱性が存在します。(CVE-2023-5345)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-1192
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
CVE-2023-20569
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVE-2023-45871
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
CVE-2023-5345
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.
追加情報:
N/A
ダウンロード:
SRPMS
- kernel-5.14.0-362.13.1.el9_3.src.rpm
MD5: 3d45d5975ac452ded8e83f6ee0faf4e1
SHA-256: f805d8b6bd13133dd521a6758071d74563c5dce41505274fd7192bd0c2cfbe18
Size: 140.67 MB
Asianux Server 9 for x86_64
- bpftool-7.2.0-362.13.1.el9_3.x86_64.rpm
MD5: 84c0b8da90443df2a02166ef44e1602a
SHA-256: eb4c6ebcbd3360a2c98eec9e70a92a39c8c869df8dededfd96fa5be4659e55cb
Size: 5.62 MB - kernel-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: d545297f00b43b16ea09541d6276d46e
SHA-256: 6e4624029a280584a4df76c73933cae24b6d40c2487b72d081d52dfcfe755a89
Size: 4.87 MB - kernel-abi-stablelists-5.14.0-362.13.1.el9_3.noarch.rpm
MD5: b2277b38f4c5d3ab8d38ebabe017bd88
SHA-256: 343a838ac7e1d012af59d41cbbcabee7a863ebfbb3fd1c09c1850880019264dd
Size: 4.88 MB - kernel-core-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 906717a9377a0a5147d15a009f1c6640
SHA-256: 02051ebada542f50d18a3be2164d95e511c9aee9308fba6dd54d41837155fed9
Size: 19.46 MB - kernel-cross-headers-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 8a74852a245ed171bfb9979a338774f3
SHA-256: 7821945256c0ad15ec57189b59eaba0b926792bf34fc39072bdf51be57ec92ec
Size: 10.55 MB - kernel-debug-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 8d2ccb7feb090902ac96117ecd68f1e8
SHA-256: 21d7266c54e483b8c4c37f209220e1b507dcd1a47d59693ef8844c6e291dd1f1
Size: 4.87 MB - kernel-debug-core-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 7adf02ef586ef4cfaeb779e1c2f24733
SHA-256: e58b7560b82f9d4e05a9662cdd4b90c9250ab4fdea16849e1344cb41d7823059
Size: 31.86 MB - kernel-debug-devel-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 8e9630753e5c3e2a51263826b93f2f51
SHA-256: 631bb96be1e00c1f981e7834dcf7fb06d2aab26e871cc034d5f10b3cd36984cc
Size: 20.34 MB - kernel-debug-devel-matched-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 990bab41ddb8e340956bf63920b596d1
SHA-256: f7516123e25c18b6b7ab44607c9530d099ae223c3e562874afd9fb3e0a661ecf
Size: 4.87 MB - kernel-debug-modules-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 7acedcffe4b129f98c649be2c7792f6d
SHA-256: bde00421f7fb20071289686723cde351472532922b513c199fec30233d7d5f73
Size: 61.58 MB - kernel-debug-modules-core-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: fc46a4e7d1719427fa92a7818d0967f0
SHA-256: 4c02be6bf6c65fc03c8632ea8046970e545f1b6b6da5e52d2ff64cc5e5cf4819
Size: 48.36 MB - kernel-debug-modules-extra-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 62ad4df199fde5e1b435da3622141afc
SHA-256: fcdc73521eb00dd90322ebb0c75783e540e4382bdbc077804e18ab8495c79770
Size: 5.70 MB - kernel-debug-uki-virt-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 4216f275a9b62b2032933e44e189d828
SHA-256: b46b07cd4a7492b21da58434a7f0e4dd324e87bbe4303c263c510982a25d6a94
Size: 79.74 MB - kernel-devel-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 4bb943513913aa03d302f00a6bd241cd
SHA-256: dcc5aea01a24d2d474235fa9fd605854b248e72ab8eb793da8dcc3cc1987cc88
Size: 20.23 MB - kernel-devel-matched-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 3801601bb435b63f8e391ba6180e6f9c
SHA-256: 180dfb243e285a7afea4bdacd70052172134bcc7fcfc8214dae853dbb014c47c
Size: 4.87 MB - kernel-doc-5.14.0-362.13.1.el9_3.noarch.rpm
MD5: 79a02cedc977e9b81b3dc7c74c754335
SHA-256: 0851aaabf40fd3a2a6647bbecec5bdd6c81fa7151b5a4b8837c29b5ce655a7b5
Size: 34.57 MB - kernel-headers-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 8e4352c2958be833835401b74400c527
SHA-256: a9762be900029f6b6150a175cb8655ae90656361d9af810da6d8aec73a6e68eb
Size: 6.31 MB - kernel-modules-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 9a933728225974874c0e668614f652cf
SHA-256: 011edbb124aec7bf5d3a243141299f61b800d79311ead14bc7d69d215987f47d
Size: 37.08 MB - kernel-modules-core-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: faaa7bba50da59d5a5e7e7fe1fccbe5f
SHA-256: 2ded9033a3819f49e1b94f769e5b311cd3ce0c6e26743512371cd831002e00a2
Size: 31.50 MB - kernel-modules-extra-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: b23bea161fca9921df2442fa51204e2b
SHA-256: 204afca1361b68d22b9bc13c9961b03b52c0d2253968e39bba3143d0f5760afb
Size: 5.32 MB - kernel-tools-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 945b5bb853704c30f0050b6c171b12cc
SHA-256: b7ab8ad70929887c655fd992eb7483bdd34a9c88a28eb0876c4c02670ce11a09
Size: 5.10 MB - kernel-tools-libs-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 206a2291d00ef03143d99f4470b3cea1
SHA-256: 07360e141af04ee5b631bb425899e8cbcd50a1e70ea7c47a99c9235c6ecd8d89
Size: 4.88 MB - kernel-tools-libs-devel-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 17f3724d3bb32cbdd2f46b4fc6d0b465
SHA-256: cafce6dc0a1c08c599f5c88768282360bec2f7e8a6665ae8bf22341955650f1e
Size: 4.88 MB - kernel-uki-virt-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 1f9fe0b2736581f3934a51d10fc84f8b
SHA-256: e9a7ebe1f3c51609301b43487c1df6bae741c32de1413c1d509db20b05b944da
Size: 59.91 MB - libperf-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 2972bdd4c541ecd5219448f4eb4bc1d7
SHA-256: 702bf01e8775f7abc33b0eb4fcf0d994f28df7f483831b8c8281ab253fd620f5
Size: 4.89 MB - perf-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: b3f5a78ff56e998c60258a7a07ac143f
SHA-256: 28e3e32a4195ac0af07185b03f6e4e1495b67a896d7377cc8ffa22f41778c4b9
Size: 7.34 MB - python3-perf-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: 9e4d2ec62523d327f7947b06fec46e16
SHA-256: 79c3c53ceba3f275877297508c664456c5904e029c25f271306ca61f8865633c
Size: 4.97 MB - rtla-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: a706754dfd200f3fb147fe335124b2e5
SHA-256: 2a14d3994f1142c5d0d15b09ead722769e66efe7699bf8aaefbde66ff75e58ba
Size: 4.92 MB - rv-5.14.0-362.13.1.el9_3.x86_64.rpm
MD5: b357c03b40a404a57a3df6f3c71fca64
SHA-256: 9e9f698ce1d0da9eabd8e1a71d57cb9dcd2decccc8cfdfe1e2f6d055bc9067bc
Size: 4.89 MB