Linux 內核多個漏洞

影響

• 阻斷服務
• 權限提升
• 資料洩露
• 遠端執行程式碼

受影響之系統或技術

• openSUSE Leap 15.4
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
• Red Hat Enterprise Linux for IBM z Systems 7 s390x
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
• Red Hat Enterprise Linux for Real Time 7 x86_64
• Red Hat Enterprise Linux for Real Time 9 x86_64
• Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 9 x86_64
• Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.0 x86_64
• Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.0 x86_64
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux Server - AUS 8.2 x86_64
• Red Hat Enterprise Linux Server - TUS 8.2 x86_64
• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Virtualization Host 4 for RHEL 7 x86_64
• SUSE Linux Enterprise Desktop 15-SP4
• SUSE Linux Enterprise High Availability 15-SP4
• SUSE Linux Enterprise High Performance Computing
• SUSE Linux Enterprise High Performance Computing 15-SP4
• SUSE Linux Enterprise Micro 5.3
• SUSE Linux Enterprise Module for Basesystem 15-SP4
• SUSE Linux Enterprise Module for Development Tools 15-SP4
• SUSE Linux Enterprise Module for Legacy Software 15-SP4
• SUSE Linux Enterprise Module for Live Patching 15-SP4
• SUSE Linux Enterprise Server
• SUSE Linux Enterprise Server 15-SP4
• SUSE Linux Enterprise Server for SAP Applications
• SUSE Linux Enterprise Server for SAP Applications 15-SP4
• SUSE Linux Enterprise Workstation Extension 15-SP4
• SUSE Manager Proxy 4.3
• SUSE Manager Retail Branch Server 4.3
• SUSE Manager Server 4.3
   

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

對於 RedHat

安裝供應商提供的修補程式：

• https://access.redhat.com/errata/RHSA-2022:7279
• https://access.redhat.com/errata/RHSA-2022:7280
• https://access.redhat.com/errata/RHSA-2022:7318
• https://access.redhat.com/errata/RHSA-2022:7319
• https://access.redhat.com/errata/RHSA-2022:7330
• https://access.redhat.com/errata/RHSA-2022:7337
• https://access.redhat.com/errata/RHSA-2022:7338
• https://access.redhat.com/errata/RHSA-2022:7344

對於 SUSE

安裝供應商提供的修補程式：

• https://lists.opensuse.org/archives/list/[email protected]/thread/DGDNZY2EZSGOZPKLTI6X7OR6IXYBSQYW/

漏洞識別碼

• CVE-2022-1263
• CVE-2022-2585
• CVE-2022-2586
• CVE-2022-2588
• CVE-2022-3202
• CVE-2022-3239
• CVE-2022-3303
• CVE-2022-21123
• CVE-2022-21125
• CVE-2022-21166
• CVE-2022-23816
• CVE-2022-23825
• CVE-2022-26373
• CVE-2022-29900
• CVE-2022-29901
• CVE-2022-30594
• CVE-2022-32296
• CVE-2022-39189
• CVE-2022-41218
• CVE-2022-41674
• CVE-2022-41848
• CVE-2022-41849
• CVE-2022-42719
• CVE-2022-42720
• CVE-2022-42721
• CVE-2022-42722

資料來源

• AusCERT
• RedHat
• SUSE

相關連結

• https://www.auscert.org.au/bulletins/ESB-2022.5500
• https://www.auscert.org.au/bulletins/ESB-2022.5501
• https://www.auscert.org.au/bulletins/ESB-2022.5540
• https://www.auscert.org.au/bulletins/ESB-2022.5541
• https://www.auscert.org.au/bulletins/ESB-2022.5543
• https://www.auscert.org.au/bulletins/ESB-2022.5546
• https://www.auscert.org.au/bulletins/ESB-2022.5547
• https://www.auscert.org.au/bulletins/ESB-2022.5549
• https://access.redhat.com/errata/RHSA-2022:7279
• https://access.redhat.com/errata/RHSA-2022:7280
• https://access.redhat.com/errata/RHSA-2022:7318
• https://access.redhat.com/errata/RHSA-2022:7319
• https://access.redhat.com/errata/RHSA-2022:7330
• https://access.redhat.com/errata/RHSA-2022:7337
• https://access.redhat.com/errata/RHSA-2022:7338
• https://access.redhat.com/errata/RHSA-2022:7344
• https://lists.opensuse.org/archives/list/[email protected]/thread/DGDNZY2EZSGOZPKLTI6X7OR6IXYBSQYW/