安全公告详情

NS-SA-2023-0107

2023-07-15 14:19:23

简介

important: kernel security update

严重级别

important

主题

An update for kernel is now available for NewStart CGSL MAIN 6.02.
NewStart Security has rated this update as having a security impact of important. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

kernel: This package provides *.ipa-clones files.


Security Fix(es):
kernel: A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.(CVE-2021-4037)
kernel: A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance monitoring between the leading PERF_TYPE_TRACEPOINT and sub PERF_EVENT_HARDWARE plus the PERF_EVENT_SOFTWARE using the perf_event_open() function with these three types. This flaw allows a local user to crash the system.(CVE-2022-1729)
kernel: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.02.E0CP1B1.

影响组件

  • kernel

影响产品

  • CGSL MAIN 6.02

更新包

{"fix":[{"product":"CGSL MAIN 6.02","pkgs":[{"binary":["kernel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","perf-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-devel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-debuginfo-common-x86_64-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","python3-perf-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","bpftool-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-tools-libs-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-tools-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","python3-perf-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-modules-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","bpftool-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-core-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-debug-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-headers-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-tools-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","kernel-modules-extra-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm","perf-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm"],"source":"kernel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.src.rpm"}]}]}
CGSL MAIN 6.02
  • kernel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.src.rpm
    • kernel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • perf-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-devel-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-debuginfo-common-x86_64-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • python3-perf-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • bpftool-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-tools-libs-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-tools-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • python3-perf-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-modules-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • bpftool-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-core-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-debug-debuginfo-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-headers-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-tools-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • kernel-modules-extra-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm
    • perf-4.18.0-193.14.2.el8_2.cgslv6_2.667.2.g8fbbf5ece.x86_64.rpm

CVE

参考

© 2004-2023 广东中兴新支点技术有限公司 版权所有 (www.gd-linux.com) 粤ICP备15061780号-2

全国服务热线:400-033-0108