Linux 內核多個漏洞

影響

• 阻斷服務
• 權限提升
• 遠端執行程式碼
• 繞過保安限制
• 資料洩露
• 篡改

受影響之系統或技術

• SUSE Linux Enterprise Debuginfo 11-SP4
• SUSE Linux Enterprise High Availability 15
• SUSE Linux Enterprise High Availability 15-SP2
• SUSE Linux Enterprise High Performance Computing 15-ESPOS
• SUSE Linux Enterprise High Performance Computing 15-LTSS
• SUSE Linux Enterprise Module for Basesystem 15-SP2
• SUSE Linux Enterprise Module for Development Tools 15-SP2
• SUSE Linux Enterprise Module for Legacy Software 15-SP2
• SUSE Linux Enterprise Module for Live Patching 15
• SUSE Linux Enterprise Module for Live Patching 15-SP2
• SUSE Linux Enterprise Module for Realtime 15-SP2
• SUSE Linux Enterprise Server 11-EXTRA
• SUSE Linux Enterprise Server 11-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server 15-LTSS
• SUSE Linux Enterprise Server for SAP 15
• SUSE Linux Enterprise Workstation Extension 15-SP2
• SUSE MicroOS 5.0
• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 20.10
• Ubuntu 21.04

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

• 安裝供應商提供的修補程式：

  https://www.suse.com/support/update/announcement/2021/suse-su-202114724-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211571-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211572-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211573-1/

  https://www.suse.com/support/update/announcement/2021/suse-su-20211574-1/

  https://ubuntu.com/security/notices/USN-4945-1

  https://ubuntu.com/security/notices/USN-4946-1

  https://ubuntu.com/security/notices/USN-4947-1

  https://ubuntu.com/security/notices/USN-4948-1

  https://ubuntu.com/security/notices/USN-4949-1

  https://ubuntu.com/security/notices/USN-4950-1

漏洞識別碼

• CVE-2019-2308
• CVE-2020-0433
• CVE-2020-25639
• CVE-2020-25670
• CVE-2020-25671
• CVE-2020-25672
• CVE-2020-25673
• CVE-2020-27170
• CVE-2020-27171
• CVE-2020-27673
• CVE-2020-27815
• CVE-2020-35519
• CVE-2020-36310
• CVE-2020-36311
• CVE-2020-36312
• CVE-2020-36322
• CVE-2021-3428
• CVE-2021-3444
• CVE-2021-3483
• CVE-2021-3489
• CVE-2021-3490
• CVE-2021-3491
• CVE-2021-20219
• CVE-2021-20261
• CVE-2021-20292
• CVE-2021-26930
• CVE-2021-26931
• CVE-2021-27363
• CVE-2021-27364
• CVE-2021-27365
• CVE-2021-28038
• CVE-2021-28375
• CVE-2021-28660
• CVE-2021-28688
• CVE-2021-28950
• CVE-2021-28951
• CVE-2021-28952
• CVE-2021-28964
• CVE-2021-28971
• CVE-2021-28972
• CVE-2021-29154
• CVE-2021-29155
• CVE-2021-29264
• CVE-2021-29265
• CVE-2021-29266
• CVE-2021-29646
• CVE-2021-29647
• CVE-2021-29649
• CVE-2021-29650
• CVE-2021-29657
• CVE-2021-30002
• CVE-2021-31916

資料來源

• SUSE
• Ubuntu
• AusCERT

相關連結

https://www.suse.com/support/update/announcement/2021/suse-su-202114724-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211571-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211572-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211573-1/

https://www.suse.com/support/update/announcement/2021/suse-su-20211574-1/

https://ubuntu.com/security/notices/USN-4945-1

https://ubuntu.com/security/notices/USN-4946-1

https://ubuntu.com/security/notices/USN-4947-1

https://ubuntu.com/security/notices/USN-4948-1

https://ubuntu.com/security/notices/USN-4949-1

https://ubuntu.com/security/notices/USN-4950-1

https://www.auscert.org.au/bulletins/ESB-2021.1622

https://www.auscert.org.au/bulletins/ESB-2021.1623

https://www.auscert.org.au/bulletins/ESB-2021.1624

https://www.auscert.org.au/bulletins/ESB-2021.1625

https://www.auscert.org.au/bulletins/ESB-2021.1635