tomcat-9.0.87-2.el9_5.1
Errata ID: AXSA:2025-9840:01
Release date:
2025/04/09 Wednesday - 16:52
Title:
tomcat-9.0.87-2.el9_5.1
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- Apache Tomcat contains a Time-of-check Time-of-use (TOCTOU) race condition during JSP compilation on case-insensitive file systems when the default servlet is configured to allow writes. A remote attacker can exploit this to execute arbitrary code. (CVE-2024-50379)
- Apache Tomcat contains a vulnerability in which, under certain conditions, a remote attacker can achieve arbitrary code execution, information disclosure, or unauthorized file writes by abusing a write-enabled default servlet with malicious requests. (CVE-2025-24813)
Solution:
Update the package.
CVE:
CVE-2024-50379
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
CVE-2025-24813
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack
Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.
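Both CVEs share the precondition that the DefaultServlet is write-enabled (the `readonly` init-param set to `false` in Tomcat's conf/web.xml), and CVE-2025-24813 additionally requires partial PUT support. The following audit script is an added example, not part of the errata or the Tomcat project; it parses a web.xml and reports which of the advisory's configuration preconditions are present. The sample web.xml embedded below is constructed for the example. The `allowPartialPut` init-param is the DefaultServlet setting introduced with the upstream fix and is not named on this page; on an unpatched build partial PUT cannot be switched off, so `readonly=true` (the default) is the only configuration-side mitigation there.

```python
import xml.etree.ElementTree as ET

# Constructed sample conf/web.xml fragment (not from the advisory): the default
# servlet has been switched to write mode and partial PUT is left at its default.
SAMPLE_WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>listings</param-name><param-value>false</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
</web-app>
"""


def _local(tag):
    """Strip the XML namespace so the parser works whatever schema URI web.xml declares."""
    return tag.rsplit("}", 1)[-1]


def default_servlet_params(xml_text):
    """Return {param-name: param-value} for every <servlet> backed by DefaultServlet."""
    root = ET.fromstring(xml_text)
    params = {}
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = "".join((c.text or "") for c in servlet if _local(c.tag) == "servlet-class").strip()
        if not cls.endswith("DefaultServlet"):
            continue
        for init_param in servlet:
            if _local(init_param.tag) != "init-param":
                continue
            name = value = None
            for child in init_param:
                if _local(child.tag) == "param-name":
                    name = (child.text or "").strip()
                elif _local(child.tag) == "param-value":
                    value = (child.text or "").strip()
            if name:
                params[name] = value
    return params


def assess(params):
    """Map the advisory's preconditions onto the DefaultServlet init-params.

    readonly defaults to true (writes off); allowPartialPut defaults to true on
    patched builds and is not configurable at all on unpatched ones.
    """
    writes_enabled = (params.get("readonly") or "true").lower() == "false"
    partial_put = (params.get("allowPartialPut") or "true").lower() != "false"
    findings = []
    if writes_enabled:
        findings.append(
            "DefaultServlet is write-enabled (readonly=false): precondition for "
            "CVE-2024-50379 and CVE-2025-24813; set readonly=true unless PUT/DELETE is required"
        )
        if partial_put:
            findings.append(
                "partial PUT not disabled (allowPartialPut absent or true): "
                "second precondition for CVE-2025-24813"
            )
    return {"writes_enabled": writes_enabled, "partial_put": partial_put, "findings": findings}


def audit_web_xml(xml_text):
    """Convenience wrapper: parse and assess in one call."""
    return assess(default_servlet_params(xml_text))


if __name__ == "__main__":
    result = audit_web_xml(SAMPLE_WEB_XML)
    for line in result["findings"] or ["no advisory preconditions found in DefaultServlet config"]:
        print(line)
```

Point `audit_web_xml` at the contents of `$CATALINA_BASE/conf/web.xml` (and any per-application WEB-INF/web.xml that redefines the default servlet) to get the same report for a real deployment; the finding list is empty when the servlet is left in its read-only default, which is the state the advisory's preconditions all hinge on.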
Additional information:
N/A
Download:
SRPMS
- tomcat-9.0.87-2.el9_5.1.src.rpm
MD5: ff25c0263afbe8bbbfd1092805a6a342
SHA-256: 687c4f26523f7d5324342498fb2a185d825624add880d73ce18d5f03b125584c
Size: 15.12 MB
Asianux Server 9 for x86_64
- tomcat-9.0.87-2.el9_5.1.noarch.rpm
MD5: 893283dcb449f8affe73ee946353bb77
SHA-256: c6ac3ef24f9e4286f6e9aff90b931f54e7ee532b60a23ac4aa5027d8fcdc93d3
Size: 98.33 kB
- tomcat-admin-webapps-9.0.87-2.el9_5.1.noarch.rpm
MD5: d59526d1809472ee3fef1d6c337483e8
SHA-256: 2ca2e1faa822aee632b1a1f0ca642ff7c99a532d67f15e96706d8e044fc87efd
Size: 79.15 kB
- tomcat-docs-webapp-9.0.87-2.el9_5.1.noarch.rpm
MD5: 04c13d84c6993217803b3fcccec86d19
SHA-256: ea4c75bfd062ae290d3e316286ad5f47e4b6ac8bdfee06f2dd3c938094ade4d9
Size: 725.50 kB
- tomcat-el-3.0-api-9.0.87-2.el9_5.1.noarch.rpm
MD5: 3ee61ae03d44954b5fc8f7698f1d568e
SHA-256: 14846ec73dc939baba48ec04d117c0bcab0ea5316159f0a9b679398061520df9
Size: 104.90 kB
- tomcat-jsp-2.3-api-9.0.87-2.el9_5.1.noarch.rpm
MD5: 88a643d795c70e7dde81b1b892d549ae
SHA-256: e4fb96fd5fef9a464a2672c39716ca551777a8314b7f1c4370b3fab6391ba5e8
Size: 71.84 kB
- tomcat-lib-9.0.87-2.el9_5.1.noarch.rpm
MD5: 84ec2cb30ccb8bf050f647dfc024af8a
SHA-256: ea97d9bbd4ace12821c4221b1b0ebbbb760a251acaf6aa6c30f15b4ed0f822ab
Size: 5.97 MB
- tomcat-servlet-4.0-api-9.0.87-2.el9_5.1.noarch.rpm
MD5: a190ecb131d6070ae71ec5e30a9c4363
SHA-256: 26092fd951dc14074de936473daeb80ddc3349449c845a0844692cf0db35b1a4
Size: 283.87 kB
- tomcat-webapps-9.0.87-2.el9_5.1.noarch.rpm
MD5: e8a93bd688690f21beb5c68b5b6dd283
SHA-256: 4c625a392c0d6f0af21ac754bbb4febfdcf2f09221204ef257cf1e69a8a6f1ca
Size: 80.02 kB