He maha nga whakaraeraetanga i kitea tata nei:
- CVE-2023-39191 – Mā te ngoikoretanga i roto i te pūnaha iti eBPF ka taea e te kaiwhakamahi ā-rohe te whakanui ake i ō rātou mana me te whakahaere i te waehere kernel. LinuxNā te whakamana hē o ngā kaupapa eBPF i tukuna e te kaiwhakamahi kia whakahaerea te ngoikoretanga. Hei whakahaere i te whakaeke, me taea e te kaiwhakamahi te uta i tā rātou ake kaupapa BPF (mēnā kua whakatakotoria te tawhā kernel.unprivileged_bpf_disabled ki te 0, hei tauira, pērā i roto i Ubuntu (20.04 o Paenga-whāwhā). I tukuna ngā kōrero mō te ngoikoretanga ki ngā kaiwhakawhanake kernel i te marama o Tīhema o te tau kua hipa, ā, i whakatinanahia marietia he whakatikatika i te marama o Hānuere.
- CVE-2023-42753 He take me nga taupū hurangi i roto i te whakatinana ipset i roto i te puunaha iti netfilter kernel, ka taea te whakamahi ki te whakanui/whakaheke tohu tohu me te hanga tikanga mo te tuhi, panui ranei ki tetahi waahi maumahara kei waho o te parepare kua tohaina. Hei tirotiro i te ahua o te whakaraeraetanga, kua whakaritea he tauira whakaraerae e puta ai he whakamutu rereke (kaore e taea te whakakore i nga ahuatanga whakaraerae kino atu). Ko te whakatika kei roto i nga whakaputanga kernel 5.4.257, 6.5.3, 6.4.16, 6.1.53, 5.10.195, 5.15.132.
- CVE-2023-39192, CVE-2023-39193, CVE-2023-39193 - ngā ngoikoretanga maha o te kernel Linux, e arahi ana ki te turuturu o te mahara o te kernel nā te kaha ki te pānui mai i ngā arai o waho o ngā rohe i roto i ngā mahi match_flags me u32_match_it o te pūnaha Netfilter, tae atu ki te waehere tukatuka tātari āhua. I whakatikahia ngā ngoikoretanga i te marama o Ākuhata (1, 2) me Hune.
- Ko te CVE-2023-42755 he whakaraeraetanga e taea ai e tetahi kaiwhakamahi kore whai mana ki te tuku i te tukinga kakano na te hapa i te wa e mahi ana me nga tohutohu i roto i te roopu waka rsvp. Ka puta te raruraru i roto i nga kakano LTS 6.1, 5.15, 5.10, 5.4, 4.19 me 4.14. Kua whakaritea he tauira mahi. Ko te whakatikanga kaore ano kia whakaaetia ki roto i te pata, ka waatea hei papaki.
- Ko te CVE-2023-42756 he ahuatanga reihi i roto i te punaha iti NetFilter kernel ka taea te whakamahi kia puta mai te ahua o te Panic. Kei te watea he tauira whakamahi e mahi ana i nga kakano 6.5.rc7, 6.1 me 5.10. Ko te whakatikanga kaore ano kia whakaaetia ki roto i te pata, ka waatea hei papaki.
- CVE-2023-4527 Ka puhake te puranga i te whare pukapuka Glibc i te mahi getaddrinfo i te wa e tukatuka ana i te whakautu DNS nui ake i te 2048 paita. Ko te whakaraeraetanga ka arai pea ki te taapu raraunga ka pakaru, ka pakaru ranei. Ka puta noa te whakaraeraetanga ki nga putanga Glibc hou ake i te 2.36 i te wa e whakamahi ana i te whiringa "no-aaaa" i /etc/resolv.conf.
- Ko te CVE-2023-40474, ko te CVE-2023-40475 he whakaraeraetanga i roto i te anga rongorau GStreamer i puta mai i te waipuke tauoti i roto i nga kaikawe kōnae ataata MXF. Ka taea e nga whakaraeraetanga te arahi ki te whakaeke i nga waehere kaitukino i te wa e tukatuka ana i nga konae MXF i hangaia motuhake i roto i tetahi tono e whakamahi ana i te GStreamer. Kua whakatikahia te raru i roto i te kete gst-plugins-bad 1.22.6.
- CVE-2023-40476 - He putunga putunga i roto i te pūtukatuka ataata H.265 ka tukuna i roto i te GStreamer, e taea ai te mahi waehere i te wa e tukatuka ana i tetahi ataata whakahōputu motuhake. Kua whakaritea te whakaraeraetanga i roto i te kete gst-plugins-bad 1.22.6.
- Tātaritanga - tātaritanga o tētahi mahi e whakamahi ana i te whakaraeraetanga CVE-2023-36664 i roto i te mōkihi Ghostscript hei mahi i tana waehere i te whakatuwheratanga o nga tuhinga PostScript i hangaia motuhake. Ko te raruraru ka puta mai i te he o te tukatuka i nga ingoa konae ka timata mai i te ahua "|". ko te tohumua %pipe%. I whakatikahia te whakaraeraetanga i roto i te tuku Ghostscript 10.01.2.
- CVE-2023-3341, CVE-2023-4236 - whakaraeraetanga i roto i te tūmau DNS BIND 9 e arai ana ki te tukinga o te tukanga whakaingoatia i te wa e tukatuka ana i nga karere mana i hangaia motuhake (he rawaka te uru ki te tauranga TCP e whakahaerea ai te ingoa (tuwhera noa ma te taunoa). mo te atanga whakamuri), kaore e hiahiatia te mohio ki te taviri RNDC) te hanga ranei i tetahi kawenga teitei i roto i te aratau DNS-over-TLS. I whakatauhia nga whakaraeraetanga i roto i nga putanga BIND 9.16.44, 9.18.19, me 9.19.17.
- CVE-2023-4504 - ngoikoretanga i roto i tūmau Nā te ngoikoretanga i roto i te tānga CUPS me te whare pukapuka libppd i hua ake ai he waipuke o te arai i te wā e wetewete ana i ngā tuhinga Postscript i hangaia mō te kaupapa motuhake. Ka taea te whakamahi i tēnei ngoikoretanga hei whakahaere i te waehere ritenga i runga i te pūnaha. I whakatikahia te take i roto i te CUPS 2.4.7 (patch) me te libppd 2.0.0 (patch).
Source: opennet.ru
