jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0b34274085
cvrf2cusa/cvrf/2023/cvrf-openEuler-SA-2023-1439.xml
Jia Chao 0b34274085 git mv 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-25 09:57:37 +08:00

305 lines
18 KiB
XML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<DocumentTitle xml:lang="en">An update for kernel is now available for openEuler-20.03-LTS-SP3</DocumentTitle>
<DocumentType>Security Advisory</DocumentType>
<DocumentPublisher Type="Vendor">
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
<IssuingAuthority>openEuler security committee</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>openEuler-SA-2023-1439</ID>
</Identification>
<Status>Final</Status>
<Version>1.0</Version>
<RevisionHistory>
<Revision>
<Number>1.0</Number>
<Date>2023-07-21</Date>
<Description>Initial</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2023-07-21</InitialReleaseDate>
<CurrentReleaseDate>2023-07-21</CurrentReleaseDate>
<Generator>
<Engine>openEuler SA Tool V1.0</Engine>
<Date>2023-07-21</Date>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">kernel security update</Note>
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for kernel is now available for openEuler-20.03-LTS-SP3.</Note>
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">The Linux Kernel, the operating system core itself.
Security Fix(es):
A time-of-check to time-of-use issue exists in io_uring subsystem&apos;s IORING_OP_CLOSE operation in the Linux kernel&apos;s versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.(CVE-2023-1295)
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.
The out-of-bounds write is caused by missing skb-&gt;cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.
We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.
(CVE-2023-3090)
A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.(CVE-2023-3117)
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.(CVE-2023-3220)
A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system.(CVE-2023-3338)
A null pointer dereference was found in the Linux kernel&apos;s Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system.(CVE-2023-3358)</Note>
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for kernel is now available for openEuler-20.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">High</Note>
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">kernel</Note>
</DocumentNotes>
<DocumentReferences>
<Reference Type="Self">
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Reference>
<Reference Type="openEuler CVE">
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-1295</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3090</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3117</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3220</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3338</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3358</URL>
</Reference>
<Reference Type="Other">
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-1295</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-3090</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-3117</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-3220</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-3338</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-3358</URL>
</Reference>
</DocumentReferences>
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
<Branch Type="Product Name" Name="openEuler">
<FullProductName ProductID="openEuler-20.03-LTS-SP3" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">openEuler-20.03-LTS-SP3</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="aarch64">
<FullProductName ProductID="kernel-devel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-devel-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debuginfo-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-debuginfo-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-devel-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-debuginfo-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debugsource-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-debuginfo-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-debuginfo-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-debuginfo-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-source-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-4.19.90-2307.4.0.0210.oe1.aarch64.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="src">
<FullProductName ProductID="kernel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-4.19.90-2307.4.0.0210.oe1.src.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="x86_64">
<FullProductName ProductID="perf-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-debuginfo-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debugsource-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debuginfo-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-debuginfo-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-debuginfo-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-devel-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-debuginfo-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-debuginfo-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-devel-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2307.4.0.0210" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-source-4.19.90-2307.4.0.0210.oe1.x86_64.rpm</FullProductName>
</Branch>
</ProductTree>
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A time-of-check to time-of-use issue exists in io_uring subsystem s IORING_OP_CLOSE operation in the Linux kernel s versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.</Note>
</Notes>
<ReleaseDate>2023-07-21</ReleaseDate>
<CVE>CVE-2023-1295</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.0</BaseScore>
<Vector>AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2023-07-21</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="2" xml:lang="en">A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.The out-of-bounds write is caused by missing skb-&gt;cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled.We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.</Note>
</Notes>
<ReleaseDate>2023-07-21</ReleaseDate>
<CVE>CVE-2023-3090</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.8</BaseScore>
<Vector>AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2023-07-21</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="3" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="3" xml:lang="en">A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.</Note>
</Notes>
<ReleaseDate>2023-07-21</ReleaseDate>
<CVE>CVE-2023-3117</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.8</BaseScore>
<Vector>AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2023-07-21</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="4" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="4" xml:lang="en">An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.</Note>
</Notes>
<ReleaseDate>2023-07-21</ReleaseDate>
<CVE>CVE-2023-3220</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>5.5</BaseScore>
<Vector>AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2023-07-21</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="5" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="5" xml:lang="en">A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system.</Note>
</Notes>
<ReleaseDate>2023-07-21</ReleaseDate>
<CVE>CVE-2023-3338</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.5</BaseScore>
<Vector>AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2023-07-21</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="6" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="6" xml:lang="en">A null pointer dereference was found in the Linux kernel s Integrated Sensor Hub (ISH) driver. This issue could allow a local user to crash the system.</Note>
</Notes>
<ReleaseDate>2023-07-21</ReleaseDate>
<CVE>CVE-2023-3358</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>5.5</BaseScore>
<Vector>AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2023-07-21</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1439</URL>
</Remediation>
</Remediations>
</Vulnerability>
</cvrfdoc>
Reference in New Issue View Git Blame Copy Permalink