操作系统--麒麟信安操作系统,国产操作系统,麒麟信安云桌面—

公告ID (KylinSec-SA-2023-2237)

摘要:

kernel security update

安全等级: High

公告ID: KylinSec-SA-2023-2237

发布日期: 2023年8月26日

关联CVE: CVE-2023-4128 CVE-2023-2860

详细介绍

1. 漏洞描述

The Linux Kernel, the operating system core itself.

Security Fix(es):

An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel.(CVE-2023-2860)

A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.(CVE-2023-4128)

2. 影响范围

cve名称	产品	组件	是否受影响
CVE-2023-4128	KY3.5.2	kernel	Fixed
CVE-2023-2860	KY3.5.2	kernel	Fixed

3. 影响组件

kernel

4. 修复版本

KY3.5.2

软件名称	架构	版本号
kernel	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
kernel-tools-devel	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
kernel-tools	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
python3-perf	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
kernel-headers	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
kernel-source	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
bpftool	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
kernel-devel	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
perf	x86_64	5.10.0-153.12.0.92.kb8.ky3_5
kernel-tools-devel	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
python3-perf	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
kernel	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
perf	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
kernel-source	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
kernel-headers	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
kernel-tools	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
kernel-devel	aarch64	5.10.0-153.12.0.92.kb16.ky3_5
bpftool	aarch64	5.10.0-153.12.0.92.kb16.ky3_5