RedHat Linux 核心多個漏洞

影響

• 遠端執行程式碼
• 權限提升
• 資料洩露

受影響之系統或技術

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64

• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64

• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x

• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le

• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le

• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le

• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le

• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64

• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64

• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64

• Red Hat CodeReady Linux Builder for x86_64 8 x86_64

• Red Hat Enterprise Linux Desktop 7 x86_64

• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64

• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64

• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64

• Red Hat Enterprise Linux for ARM 64 8 aarch64

• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x

• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x

• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x

• Red Hat Enterprise Linux for IBM z Systems 7 s390x

• Red Hat Enterprise Linux for IBM z Systems 8 s390x

• Red Hat Enterprise Linux for Power, big endian 7 ppc64

• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le

• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le

• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le

• Red Hat Enterprise Linux for Power, little endian 7 ppc64le

• Red Hat Enterprise Linux for Power, little endian 8 ppc64le

• Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64

• Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64

• Red Hat Enterprise Linux for Real Time 7 x86_64

• Red Hat Enterprise Linux for Real Time 8 x86_64

• Red Hat Enterprise Linux for Real Time 9 x86_64

• Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64

• Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64

• Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

• Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

• Red Hat Enterprise Linux for Real Time for NFV 9 x86_64

• Red Hat Enterprise Linux for Scientific Computing 7 x86_64

• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64

• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64

• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64

• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

• Red Hat Enterprise Linux for x86_64 8 x86_64

• Red Hat Enterprise Linux Server - AUS 8.2 x86_64

• Red Hat Enterprise Linux Server - AUS 8.4 x86_64

• Red Hat Enterprise Linux Server - AUS 8.6 x86_64

• Red Hat Enterprise Linux Server - TUS 8.2 x86_64

• Red Hat Enterprise Linux Server - TUS 8.4 x86_64

• Red Hat Enterprise Linux Server - TUS 8.6 x86_64

• Red Hat Enterprise Linux Server 7 x86_64

• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64

• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le

• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le

• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le

• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le

• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le

• Red Hat Enterprise Linux Workstation 7 x86_64

• Red Hat Virtualization Host 4 for RHEL 8 x86_64

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝供應商提供的修補程式：

• https://access.redhat.com/errata/RHSA-2023:1588
• https://access.redhat.com/errata/RHSA-2023:1584
• https://access.redhat.com/errata/RHSA-2023:1566
• https://access.redhat.com/errata/RHSA-2023:1560
• https://access.redhat.com/errata/RHSA-2023:1559
• https://access.redhat.com/errata/RHSA-2023:1557
• https://access.redhat.com/errata/RHSA-2023:1556
• https://access.redhat.com/errata/RHSA-2023:1554
• https://access.redhat.com/errata/RHSA-2023:1691
• https://access.redhat.com/errata/RHSA-2023:1841
• https://access.redhat.com/errata/RHSA-2023:1923
• https://access.redhat.com/errata/RHSA-2023:1970
• https://access.redhat.com/errata/RHSA-2023:1984
• https://access.redhat.com/errata/RHSA-2023:1987
• https://access.redhat.com/errata/RHSA-2023:1988

漏洞識別碼

• CVE-2022-3564
• CVE-2022-4269
• CVE-2022-4378
• CVE-2022-43750
• CVE-2023-0266
• CVE-2023-0386
• CVE-2023-0461

資料來源

• AusCERT
• Redhat

相關連結

• https://www.auscert.org.au/bulletins/ESB-2023.1969
• https://www.auscert.org.au/bulletins/ESB-2023.1967
• https://www.auscert.org.au/bulletins/ESB-2023.1963
• https://www.auscert.org.au/bulletins/ESB-2023.1962
• https://www.auscert.org.au/bulletins/ESB-2023.1961
• https://www.auscert.org.au/bulletins/ESB-2023.1960
• https://www.auscert.org.au/bulletins/ESB-2023.1959
• https://www.auscert.org.au/bulletins/ESB-2023.1958
• https://www.auscert.org.au/bulletins/ESB-2023.2078
• https://www.auscert.org.au/bulletins/ESB-2023.2215
• https://access.redhat.com/errata/RHSA-2023:1588
• https://access.redhat.com/errata/RHSA-2023:1584
• https://access.redhat.com/errata/RHSA-2023:1566
• https://access.redhat.com/errata/RHSA-2023:1560
• https://access.redhat.com/errata/RHSA-2023:1559
• https://access.redhat.com/errata/RHSA-2023:1557
• https://access.redhat.com/errata/RHSA-2023:1556
• https://access.redhat.com/errata/RHSA-2023:1554
• https://access.redhat.com/errata/RHSA-2023:1691
• https://access.redhat.com/errata/RHSA-2023:1841
• https://access.redhat.com/errata/RHSA-2023:1923
• https://access.redhat.com/errata/RHSA-2023:1970
• https://access.redhat.com/errata/RHSA-2023:1984
• https://access.redhat.com/errata/RHSA-2023:1987
• https://access.redhat.com/errata/RHSA-2023:1988