NS-SA-2023-0108
2023-07-15 14:29:03
简介
important: python/kernel security update
严重级别
important
主题
An update for python/kernel is now available for NewStart CGSL MAIN 5.04.
NewStart Security has rated this update as having a security impact of important. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
详细描述
python: The Tkinter (Tk interface) program is an graphical user interface for the Python scripting language. You should install the tkinter package if you'd like to use a graphical user interface for Python programming.
kernel: This package provides kernel headers and makefiles sufficient to build modules against the debug kernel package.
Security Fix(es):
python: A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.(CVE-2023-24329)
python: bugfix
kernel: A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.(CVE-2021-4028)
kernel: A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.(CVE-2021-4155)
kernel: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F51B4.
影响组件
影响产品
更新包
{"fix":[{"product":"CGSL MAIN 5.04","pkgs":[{"binary":["tkinter-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-debuginfo-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-tools-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-libs-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-debug-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-test-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm","python-devel-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.x86_64.rpm"],"source":"python-2.7.5-92.el7_9.cgslv5.0.5.g1f1f96c.src.rpm"},{"binary":["kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","perf-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.noarch.rpm","kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-debug-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","python-perf-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm","kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.noarch.rpm","python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.x86_64.rpm"],"source":"kernel-3.10.0-693.21.1.el7.cgslv5_4.55.1273.g2e35fb1.src.rpm"}]}]}
CVE
参考