Linux 核心多個漏洞

影響

• 阻斷服務
• 權限提升
• 遠端執行程式碼
• 資料洩露

受影響之系統或技術

• Debian Linux 4.9.320-2 之前的版本
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
• Ubuntu 20.04
  • Ubuntu linux-image-oem-20.04c - 5.14.0.1044.40 之前的版本
  • Ubuntu linux-image-oem-20.04b - 5.14.0.1044.40 之前的版本
  • Ubuntu linux-image-oem-20.04d - 5.14.0.1044.40 之前的版本
  • Ubuntu linux-image-oem-20.04 - 5.14.0.1044.40 之前的版本
  • Ubuntu linux-image-5.14.0-1044-oem - 5.14.0-1044.49 之前的版本

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

對於 Debian

• 安裝供應商提供的修補程式：
  • https://www.debian.org/lts/security/2022/dla-3065

對於 Red Hat

• 安裝供應商提供的修補程式：
  • https://access.redhat.com/errata/RHSA-2022:5249

對於 Ubuntu

• 安裝供應商提供的修補程式：
  • https://ubuntu.com/security/notices/USN-5485-2

漏洞識別碼

• CVE-2018-1108
• CVE-2021-4149
• CVE-2021-39713
• CVE-2022-0494
• CVE-2022-0812
• CVE-2022-0854
• CVE-2022-1011
• CVE-2022-1012
• CVE-2022-1016
• CVE-2022-1198
• CVE-2022-1199
• CVE-2022-1353
• CVE-2022-1516
• CVE-2022-1729
• CVE-2022-1734
• CVE-2022-1966
• CVE-2022-1974
• CVE-2022-1975
• CVE-2022-2153
• CVE-2022-21123
• CVE-2022-21125
• CVE-2022-21166
• CVE-2022-23036
• CVE-2022-23037
• CVE-2022-23038
• CVE-2022-23039
• CVE-2022-23040
• CVE-2022-23041
• CVE-2022-23042
• CVE-2022-23960
• CVE-2022-24958
• CVE-2022-26490
• CVE-2022-26966
• CVE-2022-27223
• CVE-2022-27666
• CVE-2022-28356
• CVE-2022-28390
• CVE-2022-30594
• CVE-2022-32250
• CVE-2022-32296
• CVE-2022-33981

資料來源

• AusCERT
• Debian
• Red Hat
• Ubuntu

相關連結

• https://www.auscert.org.au/bulletins/ESB-2022.3235
• https://www.auscert.org.au/bulletins/ESB-2022.3214
• https://www.auscert.org.au/bulletins/ESB-2022.3238
• https://www.debian.org/lts/security/2022/dla-3065
• https://access.redhat.com/errata/RHSA-2022:5249
• https://ubuntu.com/security/notices/USN-5485-2