公告ID(KYSA-202411-1067)
公告ID:KYSA-202411-1067
公告摘要:kernel安全漏洞
等級:中等
發(fā)布日期:2024-11-26
詳細介紹
1.修復的漏洞
·CVE-2023-2007
描述:The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.
2.受影響的軟件包
·銀河麒麟高級服務器操作系統(tǒng) V10 SP1
·loongarch64架構(gòu):
python3-perf���、kernel-abi-whitelists、kernel-cross-headers�、kernel-modules-internal、kernel-modules��、kernel-headers�、kernel-core�、perf、kernel-devel����、kernel-tools�����、bpftool�、kernel-modules-extra��、kernel
3.軟件包修復版本
·銀河麒麟高級服務器操作系統(tǒng) V10 SP1 (loongarch64)
kernel-modules-extra-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-abi-whitelists-4.19.90-23.37.v2207.a.ky10或以上版本
perf-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-headers-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-cross-headers-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-devel-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-tools-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-modules-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-4.19.90-23.37.v2207.a.ky10或以上版本
bpftool-4.19.90-23.37.v2207.a.ky10或以上版本
python3-perf-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-core-4.19.90-23.37.v2207.a.ky10或以上版本
kernel-modules-internal-4.19.90-23.37.v2207.a.ky10或以上版本
4.修復方法
方法一:配置源進行升級安裝
1.打開軟件包源配置文件,根據(jù)倉庫地址進行修改����。
倉庫源地址:
銀河麒麟高級服務器操作系統(tǒng) V10 SP1
loongarch64:https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/
2.配置完成后執(zhí)行更新命令進行升級�����,命令如下:
yum update Packagename
方法二:下載安裝包進行升級安裝
通過軟件包地址下載軟件包�,使用軟件包升級命令根據(jù)受影響的軟件包
列表進行升級安裝, 命令如下:
yum install Packagename
3.升級完成后是否需要重啟服務或操作系統(tǒng):
CVE-2023-2007:需要重啟操作系統(tǒng)以使漏洞修復生效。
5.軟件包下載地址
·銀河麒麟高級服務器操作系統(tǒng) V10 SP1
kernel(loongarch64)軟件包下載地址:
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-cross-headers-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-abi-whitelists-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/python3-perf-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/bpftool-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-headers-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-modules-internal-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-devel-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-tools-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-modules-extra-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-modules-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/kernel-core-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
https://update.cs2c.com.cn/NS/V10/V10SP1.1/os/adv/lic/updates/loongarch64/Packages/perf-4.19.90-23.37.v2207.a.ky10.loongarch64.rpm
注:其他相關(guān)依賴包請到相同目錄下載
6.修復驗證
使用軟件包查詢命令����,查看相關(guān)軟件包版本是否與修復版本一致����,如果版本一致,則說明修復成功���。
sudo rpm -qa | grep Packagename
安全漏洞補丁公告
