Linux 內核多個漏洞

影響

• 阻斷服務
• 繞過保安限制
• 權限提升
• 資料洩露

受影響之系統或技術

• SUSE Linux Enterprise Desktop 15-SP3
• SUSE Linux Enterprise High Availability 15-SP3
• SUSE Linux Enterprise High Performance Computing
• SUSE Linux Enterprise High Performance Computing 15
• SUSE Linux Enterprise High Performance Computing 15-SP1
• SUSE Linux Enterprise High Performance Computing 15-SP2
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Live Patching 12-SP4
• SUSE Linux Enterprise Live Patching 12-SP5
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Module for Basesystem 15-SP3
• SUSE Linux Enterprise Module for Development Tools 15-SP3
• SUSE Linux Enterprise Module for Legacy Software 15-SP3
• SUSE Linux Enterprise Module for Live Patching 15
• SUSE Linux Enterprise Module for Live Patching 15-SP1
• SUSE Linux Enterprise Module for Live Patching 15-SP2
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Module for Public Cloud 15-SP3
• SUSE Linux Enterprise Module for Realtime 15-SP3
• SUSE Linux Enterprise Real Time 15-SP3
• SUSE Linux Enterprise Server
• SUSE Linux Enterprise Server 12-SP3-LTSS
• SUSE Linux Enterprise Server 15
• SUSE Linux Enterprise Server 15-SP1
• SUSE Linux Enterprise Server 15-SP2
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP 12-SP3
• SUSE Linux Enterprise Server for SAP Applications
• SUSE Linux Enterprise Server for SAP Applications 15
• SUSE Linux Enterprise Server for SAP Applications 15-SP1
• SUSE Linux Enterprise Server for SAP Applications 15-SP2
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Workstation Extension 15-SP3
• SUSE Manager Proxy 4.2
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Server 4.2
• Ubuntu 16.04 ESM
• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 21.10
• Red Hat Enterprise Linux Server - AUS 7.3 x86_64
• Red Hat Enterprise Linux Server - AUS 7.4 x86_64
• Red Hat Enterprise Linux Server - AUS 7.6 x86_64
• Red Hat Enterprise Linux Server - TUS 7.6 x86_64
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

對於 SUSE

• 安裝供應商提供的修補程式：
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220978-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220984-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220991-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220996-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20220998-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221003-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221012-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221034-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221035-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221036-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221037-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221038-1/
  • https://www.suse.com/support/update/announcement/2022/suse-su-20221039-1/

對於 Ubuntu

• 安裝供應商提供的修補程式：
  • https://ubuntu.com/security/notices/USN-5353-1
  • https://ubuntu.com/security/notices/USN-5357-1
  • https://ubuntu.com/security/notices/USN-5358-1

對於 Red Hat

• 安裝供應商提供的修補程式：
  • https://access.redhat.com/errata/RHSA-2022:1103
  • https://access.redhat.com/errata/RHSA-2022:1104
  • https://access.redhat.com/errata/RHSA-2022:1106
  • https://access.redhat.com/errata/RHSA-2022:1107

漏洞識別碼

• CVE-2020-0466
• CVE-2021-0920
• CVE-2021-4001
• CVE-2021-4083
• CVE-2021-28688
• CVE-2021-39657
• CVE-2021-39698
• CVE-2021-44879
• CVE-2021-45402
• CVE-2022-0330
• CVE-2022-0487
• CVE-2022-0492
• CVE-2022-0516
• CVE-2022-0617
• CVE-2022-0644
• CVE-2022-1055
• CVE-2022-22942
• CVE-2022-23036
• CVE-2022-23037
• CVE-2022-23038
• CVE-2022-23039
• CVE-2022-23040
• CVE-2022-23041
• CVE-2022-23042
• CVE-2022-24448
• CVE-2022-24958
• CVE-2022-24959
• CVE-2022-25258
• CVE-2022-25636
• CVE-2022-26490
• CVE-2022-26966
• CVE-2022-27223
• CVE-2022-27666

資料來源

• SUSE
• Ubuntu
• Red Hat

相關連結

• https://www.suse.com/support/update/announcement/2022/suse-su-20220978-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20220984-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20220991-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20220996-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20220998-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221003-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221012-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221034-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221035-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221036-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221037-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221038-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20221039-1/
• https://ubuntu.com/security/notices/USN-5353-1
• https://ubuntu.com/security/notices/USN-5357-1
• https://ubuntu.com/security/notices/USN-5358-1
• https://access.redhat.com/errata/RHSA-2022:1103
• https://access.redhat.com/errata/RHSA-2022:1104
• https://access.redhat.com/errata/RHSA-2022:1106
• https://access.redhat.com/errata/RHSA-2022:1107