• 安全漏洞

    安全漏洞補丁公告

    當前位置  >  首頁  >  服務支持  >  安全漏洞  >  安全漏洞補丁公告

    公告ID(KYSA-202107-0017

    公告ID:KYSA-202107-0017 公告摘要: systemd安全漏洞 等級:中等 發布日期:2022-11-23

    詳細介紹

    1. 修復的CVE CVE-2021-33910 systemd是德國Lennart Poettering個人開發者的一款基于Linux的系統和服務管理器。該產品兼容了SysV和LSB的啟動腳本,且提供了一個用來表示系統服務間依賴關系的框架。systemd 220到248版本存在安全漏洞,該漏洞源于basic/unit-name.c 的內存分配具有過大的大小值。本地攻擊者可利用該漏洞將文件系統掛載在很長的路徑上,通過在堆棧中分配很大的空間使systemd和整個系統崩潰。 CVE-2020-13529 systemd是德國Lennart Poettering個人開發者的一款基于Linux的系統和服務管理器。該產品兼容了SysV和LSB的啟動腳本,且提供了一個用來表示系統服務間依賴關系的框架。systemd 存在安全漏洞,該漏洞源于在處理DHCP ACK數據包時使用了可預測的事務標識符。以下產品及版本受到影響:216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 241 rc1, 241 rc2, 242, 242 rc1, 242 rc2, 242 rc3, 242 rc4, 243, 243 rc1, 243 rc2, 243.1, 243.2, 243.3, 243.4, 243.6, 243.7, 243.8, 243.9, 244, 244 rc1, 244.1, 244.2, 244.3, 244.4, 244.5, 245, 245 rc1, 245.1, 245.2, 245.3, 245.4, 245.5, 245.6, 245.7, 245.8, 245.9, 246, 246.1, 246.2, 246.3, 246.4, 246.5, 246.6, 246.7, 246.8, 246.9, 246.10, 246.11, 246.12, 246.13, 247, 247.1, 247.2, 247.3, 247.4, 247.5, 247.6。 2. 受影響的操作系統及軟件包 ·銀河麒麟桌面操作系統V10 SP1 libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libpam-systemd libsystemd-dev libsystemd0 libudev-dev libudev1 systemd systemd-container systemd-coredump systemd-journal-remote systemd-sysv systemd-tests systemd-timesyncd udev 3. 軟件包修復版本 軟件包:systemd 245.4-4kylin3.11k14(V10 SP1) 4. 修復方法 方法一:配置源進行升級安裝 打開軟件包源配置文件,根據倉庫地址進行修改。 4.0.2-sp1: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp1-desktop main restricted universe multiverse 4.0.2-sp2: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-desktop main restricted universe multiverse 4.0.2-sp3: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp3-desktop main restricted universe multiverse 4.0.2-sp4: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp4-desktop main restricted universe multiverse 10.0: http://archive.kylinos.cn/kylin/KYLIN-ALL 10.0 main restricted universe multiverse 10.0 SP1: http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main restricted universe multiverse 配置完成后執行更新命令進行升級 $sudo apt update 方法二:下載安裝包進行升級安裝 通過軟件包地址下載軟件包,使用軟件包升級命令根據受影響的組件包列表 升級相關的組件包。 #dpkg -i Packagelists 5. 軟件包下載地址 銀河麒麟操作系統桌面版V10 SP1 X86_64軟件包下載地址 http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-myhostname_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-mymachines_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-resolve_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-systemd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libpam-systemd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd-dev_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd0_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev-dev_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev1_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-container_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-coredump_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-journal-remote_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-sysv_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-tests_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-timesyncd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/udev_245.4-4kylin3.11k14_amd64.deb arm64軟件包下載地址 http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-myhostname_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-mymachines_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-resolve_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-systemd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libpam-systemd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd-dev_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd0_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev-dev_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev1_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-container_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-coredump_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-journal-remote_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-sysv_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-tests_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-timesyncd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/udev_245.4-4kylin3.11k14_arm64.deb mips64el軟件包下載地址 http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-myhostname_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-mymachines_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-resolve_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-systemd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libpam-systemd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd-dev_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd0_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev-dev_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev1_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-container_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-coredump_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-journal-remote_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-sysv_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-tests_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-timesyncd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/udev_245.4-4kylin3.11k14_mips64el.deb 6. 修復驗證 使用軟件包查詢命令,查看相關的軟件包版本大于或等于修復版本則成功修復。 $sudo dpkg -l |grep Package 注:Package為軟件包包名。
    上一篇: KYSA-202108-0004 下一篇: KYSA-202107-0012

    試用

    服務

    動態

    聯系

    公啊灬啊灬啊灬快灬深用力视频