RedHat Linux 核心多個漏洞

影響

• 遠端執行程式碼
• 權限提升
• 資料洩露
• 阻斷服務
• 篡改
• 繞過保安限制

受影響之系統或技術

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Real Time 8 x86_64
• Red Hat Enterprise Linux for Real Time 9 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 9 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux Server - AUS 9.2 x86_64
• Red Hat Enterprise Linux Server AUS (v. 7.7) - noarch, x86_64
• Red Hat Enterprise Linux Server E4S (v. 7.7) - noarch, ppc64le, x86_64
• Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64
• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
• Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64
• Red Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64
• Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64
• Red Hat Enterprise Linux Server TUS (v. 7.7) - noarch, x86_64

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝供應商提供的修補程式：

• https://access.redhat.com/errata/RHSA-2023:2148
• https://access.redhat.com/errata/RHSA-2023:2458
• https://access.redhat.com/errata/RHSA-2023:2951
• https://access.redhat.com/errata/RHSA-2023:2736
• https://access.redhat.com/errata/RHSA-2023:3190
• https://access.redhat.com/errata/RHSA-2023:3191
• https://access.redhat.com/errata/RHSA-2023:3277
• https://access.redhat.com/errata/RHSA-2023:3278

漏洞識別碼

• CVE-2021-26341
• CVE-2021-33655
• CVE-2021-33656
• CVE-2022-1462
• CVE-2022-1679
• CVE-2022-1789
• CVE-2022-1882
• CVE-2022-2196
• CVE-2022-2663
• CVE-2022-3028
• CVE-2022-3239
• CVE-2022-3435
• CVE-2022-3522
• CVE-2022-3524
• CVE-2022-3564
• CVE-2022-3566
• CVE-2022-3567
• CVE-2022-3619
• CVE-2022-3623
• CVE-2022-3625
• CVE-2022-3628
• CVE-2022-3640
• CVE-2022-3707
• CVE-2022-4128
• CVE-2022-4129
• CVE-2022-4269
• CVE-2022-20141
• CVE-2022-21505
• CVE-2022-25265
• CVE-2022-28388
• CVE-2022-30594
• CVE-2022-33743
• CVE-2022-39188
• CVE-2022-39189
• CVE-2022-41218
• CVE-2022-41674
• CVE-2022-42703
• CVE-2022-42720
• CVE-2022-42721
• CVE-2022-42722
• CVE-2022-42896
• CVE-2022-43750
• CVE-2022-47929
• CVE-2023-0394
• CVE-2023-0461
• CVE-2023-0590
• CVE-2023-1195
• CVE-2023-1382
• CVE-2023-1390
• CVE-2023-1582
• CVE-2023-23454

資料來源

• AusCERT
• Redhat

相關連結

• https://www.auscert.org.au/bulletins/ESB-2023.2635
• https://www.auscert.org.au/bulletins/ESB-2023.2659
• https://www.auscert.org.au/bulletins/ESB-2023.2838
• https://www.auscert.org.au/bulletins/ESB-2023.2989
• https://www.auscert.org.au/bulletins/ESB-2023.2991
• https://access.redhat.com/errata/RHSA-2023:2148
• https://access.redhat.com/errata/RHSA-2023:2458
• https://access.redhat.com/errata/RHSA-2023:2951
• https://access.redhat.com/errata/RHSA-2023:2736
• https://access.redhat.com/errata/RHSA-2023:3190
• https://access.redhat.com/errata/RHSA-2023:3191
• https://access.redhat.com/errata/RHSA-2023:3277
• https://access.redhat.com/errata/RHSA-2023:3278