摘要:
sudo security update
安全等级: High
公告ID: KylinSec-SA-2024-1049
发布日期: 2024年1月12日
关联CVE: CVE-2023-42465
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done.
Security Fix(es):
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.(CVE-2023-42465)
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-42465 | KY3.4-4A | sudo | Fixed |
| CVE-2023-42465 | KY3.4-5A | sudo | Fixed |
| CVE-2023-42465 | KY3.5.1 | sudo | Fixed |
| CVE-2023-42465 | KY3.5.2 | sudo | Fixed |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| sudo-help | noarch | 1.9.8p2-15.kb1.ky3_5 |
| sudo-devel | x86_64 | 1.9.8p2-15.kb1.ky3_5 |
| sudo | x86_64 | 1.9.8p2-15.kb1.ky3_5 |
| sudo | aarch64 | 1.9.8p2-15.kb1.ky3_5 |
| sudo-devel | aarch64 | 1.9.8p2-15.kb1.ky3_5 |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| sudo-help | noarch | 1.9.2-15.kb1.ky3_4 |
| sudo | x86_64 | 1.9.2-15.kb1.ky3_4 |
| sudo-devel | x86_64 | 1.9.2-15.kb1.ky3_4 |
| sudo-devel | aarch64 | 1.9.2-15.kb1.ky3_4 |
| sudo | aarch64 | 1.9.2-15.kb1.ky3_4 |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| sudo-help | noarch | 1.9.2-15.kb1.ky3_4 |
| sudo-devel | x86_64 | 1.9.2-15.kb1.ky3_4 |
| sudo | x86_64 | 1.9.2-15.kb1.ky3_4 |
| sudo | aarch64 | 1.9.2-15.kb1.ky3_4 |
| sudo-devel | aarch64 | 1.9.2-15.kb1.ky3_4 |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| sudo-help | noarch | 1.9.8p2-15.ky3_5 |
| sudo | x86_64 | 1.9.8p2-15.ky3_5 |
| sudo-devel | x86_64 | 1.9.8p2-15.ky3_5 |
| sudo-devel | aarch64 | 1.9.8p2-15.ky3_5 |
| sudo | aarch64 | 1.9.8p2-15.ky3_5 |
方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm
方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名
