Security Advisory Details

NS-SA-2023-0073

2023-05-29 09:41:11

Summary

important: kernel/qemu security update

Severity

important

Topic

An update for kernel/qemu is now available for NewStart CGSL MAIN 6.02.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

kernel: The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
qemu: This package provides the additional iSCSI block driver for QEMU. Install this package if you want to access iSCSI volumes.


Security Fix(es):
kernel: A vulnerability was found in NFSv4.2 in the Linux kernel, where a server fails to correctly apply umask when creating a new object on filesystem without ACL support (for example, ext4 with the "noacl" mount option). This flaw allows a local attacker with a user privilege to cause a kernel information leak problem.(CVE-2020-24394)
kernel: A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.(CVE-2022-0494)
kernel: A NULL pointer dereference was found in the Linux kernel's UDF file system functionality in the way the user triggers the udf_file_write_iter function for a malicious UDF image. This flaw allows a local user to crash the system.(CVE-2022-0617)
kernel: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.(CVE-2022-1353)
kernel: A memory leak flaw was found in bnx2x_tpa_stop in drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c in the bnx2x sub-component in the Linux Kernel. This flaw may allow a local attacker to cause a denial of service.(CVE-2022-3542)
kernel: A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.(CVE-2022-3545)
kernel: A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to disclose sensitive information or crash the system, causing a denial of service.(CVE-2022-3586)
kernel: A vulnerability was found in intr_callback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely.(CVE-2022-3594)
kernel: An out-of-bounds memory write flaw in the Linux kernel’s USB Monitor component was found in how a user with access to the /dev/usbmon can trigger it by an incorrect write to the memory of the usbmon. This flaw allows a local user to crash or potentially escalate their privileges on the system.(CVE-2022-43750)
kernel: bugfix
qemu: An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.(CVE-2022-3872)
qemu: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.02.D0B5.

Affected Components

  • kernel
  • qemu

Affected Products

  • CGSL MAIN 6.02

Updated Packages

CGSL MAIN 6.02
  • kernel-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.src.rpm
    • bpftool-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-core-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-devel-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-headers-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-modules-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-modules-extra-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-tools-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • kernel-tools-libs-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • perf-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
    • python3-perf-4.18.0-193.14.2.el8_2.cgslv6_2.599.g67816c2b8.x86_64.rpm
  • qemu-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.src.rpm
    • qemu-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.x86_64.rpm
    • qemu-block-rbd-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.x86_64.rpm
    • qemu-common-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.x86_64.rpm
    • qemu-img-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.x86_64.rpm
    • qemu-kvm-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.x86_64.rpm
    • qemu-tools-4.1.0-2.el8.cgslv6_2.261.ga4ca78416.x86_64.rpm

CVE

References
