ProHoster > Блог > xov xwm hauv internet > Vulnerabilities hauv Linux ntsiav, Glibc, GStreamer, Ghostscript, BIND thiab CUPS

Vulnerabilities hauv Linux ntsiav, Glibc, GStreamer, Ghostscript, BIND thiab CUPS

Ntau qhov tsis ntev los no tau txheeb xyuas qhov tsis zoo:

  • CVE-2023-39191 yog qhov tsis muaj zog hauv eBPF subsystem uas tso cai rau tus neeg siv hauv zos kom nce lawv cov cai thiab ua cov lej ntawm Linux kernel theem. Qhov tsis muaj zog no yog tshwm sim los ntawm kev lees paub tsis raug ntawm cov kev pab cuam eBPF uas tus neeg siv xa rau kev ua tiav. Txhawm rau ua qhov kev tawm tsam, tus neeg siv yuav tsum muaj peev xwm thauj lawv cov kev pab cuam BPF (yog tias kernel.unprivileged_bpf_disabled parameter teeb tsa rau 0, xws li hauv Ubuntu 20.04). Cov ntaub ntawv hais txog qhov tsis muaj zog tau tshaj tawm rau cov neeg tsim khoom kernel rov qab rau lub Kaum Ob Hlis ntawm xyoo tas los, thiab kev kho tau tso tawm ntsiag to thaum Lub Ib Hlis.
  • CVE-2023-42753 — Ib qho yuam kev hauv kev tswj cov array indices hauv ipset kev siv ntawm netfilter kernel subsystem tuaj yeem siv los nce / txo cov pointers thiab tsim cov xwm txheej rau kev sau lossis nyeem rau lub cim xeeb dhau ntawm qhov buffer tau muab faib. Txhawm rau sim qhov tsis muaj zog, ib qho prototype exploit tau npaj uas ua rau muaj kev sib tsoo (cov xwm txheej kev siv tsis zoo dua tsis tuaj yeem tshem tawm). Qhov kev kho no suav nrog hauv kernel tso tawm 5.4.257, 6.5.3, 6.4.16, 6.1.53, 5.10.195, thiab 5.15.132.
  • CVE-2023-39192, CVE-2023-39193, CVE-2023-39193 — ntau qhov tsis muaj zog hauv Linux kernel uas ua rau lub cim xeeb kernel xau vim yog nyeem tawm ntawm ciam teb hauv match_flags thiab u32_match_it functions ntawm Netfilter subsystem, nrog rau hauv lub xeev lim dej ua cov lej. Qhov tsis muaj zog tau kho thaum Lub Yim Hli (1, 2) thiab Lub Rau Hli.
  • CVE-2023-42755 yog qhov tsis muaj zog uas tso cai rau tus neeg siv hauv zos uas tsis muaj cai ua rau lub kernel poob vim yog qhov yuam kev pointer hauv rsvp traffic classifier. Qhov teeb meem no cuam tshuam rau LTS kernels 6.1, 5.15, 5.10, 5.4, 4.19, thiab 4.14. Ib qho prototype exploit tau npaj lawm. Qhov kho tseem tsis tau txais rau hauv kernel thiab muaj nyob rau hauv daim ntawv kho.
  • CVE-2023-42756 yog ib qho teeb meem sib tw hauv NetFilter kernel subsystem uas tuaj yeem siv los ua kom muaj kev kub ntxhov los ntawm tus neeg siv hauv zos. Muaj ib qho prototype exploit, ua haujlwm hauv tsawg kawg kernels 6.5.rc7, 6.1, thiab 5.10. Qhov kho tsis tau txais rau hauv kernel thiab muaj nyob rau hauv daim ntawv kho.
  • CVE-2023-4527 yog qhov tsis muaj zog ntawm stack overflow hauv Glibc lub tsev qiv ntawv uas tshwm sim hauv getaddrinfo function thaum ua cov lus teb DNS loj dua 2048 bytes. Qhov tsis muaj zog no tuaj yeem ua rau muaj kev xau stack lossis kev sib tsoo. Qhov tsis muaj zog no tsuas yog cuam tshuam rau Glibc versions tom qab 2.36 thaum siv qhov kev xaiv "no-aaaa" hauv /etc/resolv.conf.
  • CVE-2023-40474 thiab CVE-2023-40475 yog qhov tsis muaj zog hauv GStreamer multimedia framework uas tshwm sim los ntawm qhov muaj integer overflow hauv MXF video file handlers. Cov qhov tsis muaj zog no tuaj yeem ua rau tus neeg tawm tsam ua tiav cov lej thaum ua cov ntaub ntawv MXF tshwj xeeb hauv daim ntawv thov siv GStreamer. Qhov teeb meem tau kho lawm hauv pob gst-plugins-bad 1.22.6.
  • CVE-2023-40476 — Ib qho buffer overflow hauv GStreamer's H.265 video handler ua rau muaj kev ua tiav cov lej thaum ua cov yeeb yaj kiab tshwj xeeb. Qhov tsis muaj zog no tau kho lawm hauv gst-plugins-bad 1.22.6.
  • Tsab xov xwm no tshuaj xyuas qhov kev siv tsis raug uas siv qhov tsis muaj zog CVE-2023-36664 hauv pob Ghostscript los ua cov lej thaum qhib cov ntaub ntawv PostScript tshwj xeeb. Qhov teeb meem no yog tshwm sim los ntawm kev siv tsis raug ntawm cov npe ntaub ntawv pib nrog tus cim "|" lossis %pipe% prefix. Qhov tsis muaj zog tau kho hauv Ghostscript 10.01.2.
  • CVE-2023-3341 thiab CVE-2023-4236 yog qhov tsis muaj zog hauv BIND 9 DNS server uas ua rau cov txheej txheem muaj npe poob thaum ua cov lus tswj hwm tshwj xeeb (nkag mus rau qhov chaw nres nkoj TCP siv rau kev tswj hwm muaj npe (qhib los ntawm lub neej ntawd tsuas yog rau lub loopback interface) txaus; kev paub txog RNDC tus yuam sij tsis tas yuav tsum muaj) lossis thaum tsim qee qhov kev thauj khoom siab hauv hom DNS-dhau-TLS. Cov qhov tsis muaj zog tau kho hauv BIND 9.16.44, 9.18.19, thiab 9.19.17.
  • CVE-2023-4504 - qhov tsis muaj zog hauv server Muaj qhov tsis zoo hauv CUPS luam ntawv thiab libppd lub tsev qiv ntawv ua rau muaj buffer overflow thaum txheeb xyuas cov ntaub ntawv Postscript tshwj xeeb. Nws muaj peev xwm siv qhov tsis zoo no los ua cov lej tshwj xeeb ntawm lub system. Qhov teeb meem tau kho lawm hauv CUPS 2.4.7 (patch) thiab libppd 2.0.0 (patch).

Tau qhov twg los: opennet.ru

Ntxiv ib saib