kernel-4.18.0-553.50.1.el8_10

エラータID: AXSA:2025-9863:28

リリース日: 
2025/04/23 Wednesday - 15:13
題名: 
kernel-4.18.0-553.50.1.el8_10
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- sound/usb/clock.c には、データの長さのチェック処理の欠落に起因
したメモリ領域の範囲外読み取りの問題があるため、ローカルの攻撃者
により、細工された USB オーディオデバイスの利用を介して、サービス
拒否攻撃を可能とする脆弱性が存在します。(CVE-2024-53150)

- Xen の iret ハイパーバイザーコールの処理には、メモリ領域の範囲外
アクセスの問題があるため、近隣のネットワーク上の攻撃者により、
情報の漏洩を可能とする脆弱性が存在します。(CVE-2024-53241)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2024-53150
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provides a bogus descriptor with a shorter bLength, the driver might hit out-of-bounds reads. For addressing it, this patch adds sanity checks to the validator functions for the clock descriptor traversal. When the descriptor length is shorter than expected, it's skipped in the loop. For the clock source and clock multiplier descriptors, we can just check bLength against the sizeof() of each descriptor type. OTOH, the clock selector descriptor of UAC2 and UAC3 has an array of bNrInPins elements and two more fields at its tail, hence those have to be checked in addition to the sizeof() check.
CVE-2024-53241
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer using hypercall page at all, as it has shown to cause problems with speculation mitigations. This is part of XSA-466 / CVE-2024-53241.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. kernel-4.18.0-553.50.1.el8_10.src.rpm
    MD5: a16aeb41bf194e0016d9033a77adc91a
    SHA-256: bc1f8542ff37f21c7fb0a5595dd83840f521c923e497a0b28f9f929ad572fa65
    Size: 132.22 MB

Asianux Server 8 for x86_64
  1. bpftool-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: a0260aa41c967642004dee2746f7b0b0
    SHA-256: c2838bdd585c5950e4d2b0ef62a71da6f34f8eb1992d88d6d700778a9377ff73
    Size: 11.21 MB
  2. kernel-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: d908dec2988c6f09a1b6bf06a8108c33
    SHA-256: c891d2d9d5475da61c9f4d7f13989c9bd31a58d8f43f9f4db1d9e7a1aa68fc83
    Size: 10.48 MB
  3. kernel-abi-stablelists-4.18.0-553.50.1.el8_10.noarch.rpm
    MD5: 7213b9d0ab62cb18c1d8a0097132603f
    SHA-256: 6a0f49f06400277f3eaaec18ee4501c9b4fdf6eaf9ddc9875153583cac1e9f91
    Size: 10.50 MB
  4. kernel-core-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: cae1f1766fbb40d651a0e6289330c345
    SHA-256: f7064502bf6f7c1280e8b312aff12d296cdbdc8cd3fbf2d8341d1659f1ced562
    Size: 43.51 MB
  5. kernel-cross-headers-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: c4f26bc71b377410d528e7bdb7045e5b
    SHA-256: cabfe0a4b1a82f5a61a38ea98bbb268255d5e85864d0a602bf1066b481901218
    Size: 15.83 MB
  6. kernel-debug-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 26ebbe187e16bfc4ce585d172871afaa
    SHA-256: 8202b5c90feb2bcaee0328b916f3c63af805845ccf15a929b803d243b14c2d08
    Size: 10.48 MB
  7. kernel-debug-core-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: f40e26c3f6cff337239c4503e9a9c236
    SHA-256: a0ec62a048c4b74820e74b5b1af7cde491afa625430a484592f0edb96d4da527
    Size: 72.80 MB
  8. kernel-debug-devel-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 581c9bbb85c93c6a2ed68695dbe7b289
    SHA-256: 0e615725d50fdb3c2775dbefd532df76c1beddfe543d7b27da570eb58becfe02
    Size: 24.31 MB
  9. kernel-debug-modules-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: b117fd808ebfef53680e354975be219a
    SHA-256: dc9e1bed799dc30fe7f25d58f29e22c537492758b057bb34ac89cd101af5e6b5
    Size: 65.89 MB
  10. kernel-debug-modules-extra-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 7a2e489a8838cda9cc6e7904db68b5da
    SHA-256: 13bd479fbd6cf0cbb4d63b902f609c05c4b6677729566ae44a981742c858c2f7
    Size: 11.86 MB
  11. kernel-devel-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: c095c1c1ad5840b9b840154af1b49f94
    SHA-256: a5f3d1ffe2513fb639792676dc0cc1d688604fc56e6843aa3fc76bc801ef902c
    Size: 24.11 MB
  12. kernel-doc-4.18.0-553.50.1.el8_10.noarch.rpm
    MD5: 7b42de391ecaa0b0d15add4a89900e7e
    SHA-256: 25b05f42cb9918df0c402882c147338e82b747d69448fa448fe6d5f0852a9a98
    Size: 28.34 MB
  13. kernel-headers-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 3d233179986f15d349a3ade3951f16f7
    SHA-256: ec3eb4f7c81e9ba986d6af810d90db3beb741f43e0191156f278bbe262150ba7
    Size: 11.83 MB
  14. kernel-modules-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 8d9876b293fa09918e9b43cde8e07fd7
    SHA-256: b5d37ff6b95e5077d9d9a1c37e253ac87400b44e246eecf117360e3efe00381d
    Size: 36.30 MB
  15. kernel-modules-extra-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: fd4c5b1cb48b641533a5da20bab322be
    SHA-256: c2c6df296f8fc70e80bcfab8389b5c44981a1d2acbfd1604abe2de753ef7b17d
    Size: 11.17 MB
  16. kernel-tools-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 932e0c10b69c0b2049761f453c1f447f
    SHA-256: 2d0639b61d8e5caab16ee41c6a1cd8b8b2e2941cd9316f1894dc5677688f5169
    Size: 10.70 MB
  17. kernel-tools-libs-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 7546ce3908cef78551e5215e63294542
    SHA-256: 88d9e48b9db86564920e9376db8caf38dbbcb651b45700b14ed93e884f8cf07a
    Size: 10.49 MB
  18. kernel-tools-libs-devel-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: bde0f3f08c45b8ca9c020586858a8d8a
    SHA-256: 7fba8ca82e5a64e996e984a3f63566ac2232f58e7a57c8f147e97036874325a1
    Size: 10.48 MB
  19. perf-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: ba5de638f76cbc314435b63e36ec539e
    SHA-256: a76827fa433495fd32d7200b9fa30f40d162dd5f6d64836bce51d4d4fb9f0e5b
    Size: 12.80 MB
  20. python3-perf-4.18.0-553.50.1.el8_10.x86_64.rpm
    MD5: 7c7a1b6d745355466971c8297b49bfc6
    SHA-256: aa5af8e7bfa48749a84817bd75e259562bf1adc6a9a9adcd42ff9ebec42282b7
    Size: 10.61 MB