ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Nuglaanta ku jirta kernel Linux, Glibc, GStreamer, Ghostscript, BIND iyo CUPS

Nuglaanta ku jirta kernel Linux, Glibc, GStreamer, Ghostscript, BIND iyo CUPS

Dhawr baylah ah oo dhawaan la aqoonsaday:

  • CVE-2023-39191 waa u nuglaanshaha nidaamka hoosaadka eBPF kaasoo u oggolaanaya isticmaale maxalli ah inuu sare u qaado mudnaanta uu leeyahay oo uu ku fuliyo koodka heerka kernel Linux. Nuglaanta waxaa sabab u ah xaqiijinta khaldan ee barnaamijyada eBPF ee uu soo gudbiyay isticmaaluhu si loo fuliyo. Si loo fuliyo weerarka, isticmaaluhu waa inuu awood u yeeshaa inuu ku shubto barnaamijkiisa BPF (haddii kernel.unprivileged_bpf_disabled parameter loo dhigay 0, tusaale ahaan, sida Ubuntu 20.04). Macluumaadka ku saabsan nuglaanshaha waxaa loo gudbiyay kuwa soo saara kernel-ka bishii Disembar ee sannadkii hore, waxaana hagaajinta si deggan loo soo bandhigay Janaayo.
  • CVE-2023-42753 Arrin leh jaangooyooyin habaysan oo ku jira hirgelinta ipset ee nidaamka hoose ee kernel netfilter, kaas oo loo isticmaali karo in lagu kordhiyo/yareeyo tilmaamayaasha loona abuuro shuruudo wax loogu qoro ama wax loogu akhriyo meel xusuusta ka baxsan kaydka loo qoondeeyay. Si loo hubiyo jiritaanka baylahda, nooc ka faa'iidaysi ayaa la diyaariyay kaas oo sababa joojin aan caadi ahayn (xaalad ka faa'iidaysi badan oo khatar ah lama saari karo). Hagaajinta waxaa ku jira sii deynta kernel 5.4.257, 6.5.3, 6.4.16, 6.1.53, 5.10.195, 5.15.132.
  • CVE-2023-39192, CVE-2023-39193. ee nidaamka hoose ee Netfilter, iyo sidoo kale koodhka habaynta shaandhada gobolka. Nuglaanta waxaa la go'aamiyay Agoosto (2023, 39193) iyo Juunyo.
  • CVE-2023-42755 waa baylahda u ogolaanaysa isticmaale maxali ah oo aan mudnayn inuu keeno shil kernel sababtoo ah qaladka marka uu la shaqaynayo tilmaamayaasha kala soocida taraafikada rsvp. Dhibaatadu waxay ka muuqataa LTS kernels 6.1, 5.15, 5.10, 5.4, 4.19 iyo 4.14. Waxaa la diyaariyay nooc ka faa'iidaysi Hagaajinta weli lama aqbalin kernel-ka waxaana loo heli karaa balastar ahaan.
  • CVE-2023-42756 waa xaalad jinsiyadeed ee nidaamka NetFilter kernel subsystem kaas oo laga faa'iidaysan karo si loogu keeno isticmaale maxalli ah inuu kiciyo xaalad argagax. Nooca ka faa'iidaysiga ayaa diyaar ah oo ka shaqeeya ugu yaraan kernels 6.5.rc7, 6.1 iyo 5.10. Hagaajinta weli lama aqbalin kernel-ka waxaana loo heli karaa balastar ahaan.
  • CVE-2023-4527 Buuxinta buuxdhaafka ah ee maktabadda Glibc waxay ku dhacdaa shaqada getaddrinfo marka la farsameynayo jawaabta DNS ka weyn 2048 bytes. Nuglaanta waxay keeni kartaa in xogta la daadiyo ama shil. Nuglaanta waxay ka muuqataa kaliya noocyada Glibc ee ka cusub 2.36 marka la isticmaalayo ikhtiyaarka "no-aaaa" ee /etc/resolv.conf.
  • CVE-2023-40474, CVE-2023-40475 waa u nuglaanshaha qaabka GStreamer multimedia oo ay sababtay qulqulka xad dhaafka ah ee kuwa gacanta ku haya faylalka fiidiyowga MXF. Nuglaanta waxay u horseedi kartaa fulinta koodka weerarka marka la farsameynayo faylasha MXF ee gaarka ah ee loo qaabeeyey arjiga isticmaala GStreamer. Dhibaatadu waxay ku xidhan tahay xirmada gst-plugins-bad 1.22.6.
  • CVE-2023-40476 - Qulqulka qulqulka qulqulka H.265 fiidiyooga ee lagu bixiyo GStreamer, kaas oo u oggolaanaya fulinta code marka la farsameynayo fiidiyoow qaabaysan. Nuglaanta waxaa lagu hagaajiyay xirmada gst-plugins-bad 1.22.6.
  • Falanqaynta - falanqaynta ka faa'iidaysiga isticmaalaya nuglaanshaha CVE-2023-36664 ee xirmada Ghostscript si loo fuliyo koodka marka la furayo dukumentiyada PostScript ee gaarka ah. Dhibaatada waxaa sababa habaynta khaldan ee magacyada faylalka ee ka bilaabmaya jilaha "|". ama horgale % tuubo%. Nuglaanta waxaa lagu hagaajiyay Ghostscript 10.01.2 siideynta.
  • CVE-2023-3341. Sida caadiga ah) interface loopback ah), aqoonta furaha RNDC looma baahna) ama abuurista culeys sare oo gaar ah qaabka DNS-over-TLS. Nuglaanta waxaa lagu xalliyay BIND siidaynta 2023, 4236, iyo 9.
  • CVE-2023-4504 waa u nuglaanshaha server-ka daabacaadda CUPS iyo maktabadda libppd taasoo horseedda qulqulka xad dhaafka ah marka la falanqeynayo dukumiintiyada Boostada ee sida gaarka ah loo qaabeeyey. Waxaa suurtogal ah in baylahda laga faa'iidaysan karo si loo abaabulo fulinta koodka qofka ee nidaamka. Arrinta waxaa lagu xalliyaa siidaynta CUPS 2.4.7 (patch) iyo libppd 2.0.0 (patch).

Source: opennet.ru

Add a comment