Linux 核心多個漏洞

影響

• 阻斷服務
• 權限提升
• 資料洩露
• 篡改

受影響之系統或技術

• Debian Stable Distribution (bullseye) prior to 5.10.127-2
• SUSE Linux Enterprise Desktop 15-SP3
• SUSE Linux Enterprise High Availability 15-SP3
• SUSE Linux Enterprise High Performance Computing
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Micro 5.2
• SUSE Linux Enterprise Module for Basesystem 15-SP3
• SUSE Linux Enterprise Module for Development Tools 15-SP3
• SUSE Linux Enterprise Module for Legacy Software 15-SP3
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Server
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP Applications
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Storage 7.1
• SUSE Linux Enterprise Workstation Extension 15-SP3
• SUSE Manager Proxy 4.2
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Server 4.2
• openSUSE Leap 15.3
• openSUSE Leap 15.4

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝供應商提供的修補程式：

• https://www.suse.com/support/update/announcement/2022/suse-su-20222549-1
• https://lists.debian.org/debian-security-announce/2022/msg00160.html

漏洞識別碼

• CVE-2021-4157
• CVE-2021-26341
• CVE-2021-33655
• CVE-2022-1012
• CVE-2022-1679
• CVE-2022-2318
• CVE-2022-20132
• CVE-2022-20141
• CVE-2022-20154
• CVE-2022-26365
• CVE-2022-29900
• CVE-2022-29901
• CVE-2022-33740
• CVE-2022-33741
• CVE-2022-33742
• CVE-2022-33743
• CVE-2022-33744
• CVE-2022-33981
• CVE-2022-34918

資料來源

• AusCERT
• SUSE
• Debian

相關連結

• https://www.auscert.org.au/bulletins/ESB-2022.3675
• https://www.auscert.org.au/bulletins/ESB-2022.3659
• https://www.suse.com/support/update/announcement/2022/suse-su-20222549-1
• https://lists.debian.org/debian-security-announce/2022/msg00160.html