摘要:
kernel security update
安全等级: High
公告ID: KylinSec-SA-2023-2167
发布日期: 2024年10月31日
The Linux Kernel, the operating system core itself.
Security Fix(es):
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.(CVE-2023-2162)
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system(CVE-2023-2124)
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.(CVE-2023-32233)
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-2162 | KY3.4-5A | kernel | Fixed |
| CVE-2023-2162 | KY3.5.2 | kernel | Fixed |
| CVE-2023-2124 | KY3.4-5A | kernel | Fixed |
| CVE-2023-2124 | KY3.5.2 | kernel | Fixed |
| CVE-2023-32233 | KY3.4-5A | kernel | Fixed |
| CVE-2023-32233 | KY3.5.2 | kernel | Fixed |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| bpftool | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-devel | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-tools | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| python2-perf | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-source | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| perf | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-tools-devel | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| python3-perf | x86_64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-source | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| perf | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-tools-devel | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| python2-perf | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| python3-perf | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| bpftool | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-tools | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| kernel-devel | aarch64 | 4.19.90-2309.3.0.0218.kb1.ky3_4 |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| kernel | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| kernel-tools | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| kernel-devel | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| kernel-headers | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| kernel-source | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| perf | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| python3-perf | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| kernel-tools-devel | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| bpftool | x86_64 | 5.10.0-153.12.0.92.kb8.ky3_5 |
| kernel-devel | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| kernel-tools-devel | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| kernel-headers | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| python3-perf | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| kernel-tools | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| kernel-source | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| perf | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| kernel | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
| bpftool | aarch64 | 5.10.0-153.12.0.92.kb16.ky3_5 |
方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm
方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名
