SUSE Linux 內核多個漏洞

影響

• 權限提升
• 繞過保安限制
• 篡改
• 資料洩露
• 阻斷服務
• 遠端執行程式碼

受影響之系統或技術

• HPE Helion Openstack 8
• SUSE Linux Enterprise Desktop 15-SP3
• SUSE Linux Enterprise High Availability 12-SP3
• SUSE Linux Enterprise High Availability 12-SP4
• SUSE Linux Enterprise High Availability 15-SP3
• SUSE Linux Enterprise High Performance Computing
• SUSE Linux Enterprise High Performance Computing 12-SP3
• SUSE Linux Enterprise High Performance Computing 12-SP4
• SUSE Linux Enterprise High Performance Computing 15-SP3
• SUSE Linux Enterprise Live Patching 12-SP4
• SUSE Linux Enterprise Micro 5.1
• SUSE Linux Enterprise Micro 5.2
• SUSE Linux Enterprise Module for Basesystem 15-SP3
• SUSE Linux Enterprise Module for Development Tools 15-SP3
• SUSE Linux Enterprise Module for Legacy Software 15-SP3
• SUSE Linux Enterprise Module for Live Patching 15-SP3
• SUSE Linux Enterprise Module for Public Cloud 15-SP3
• SUSE Linux Enterprise Server
• SUSE Linux Enterprise Server 12-SP2-BCL
• SUSE Linux Enterprise Server 12-SP3
• SUSE Linux Enterprise Server 12-SP3-BCL
• SUSE Linux Enterprise Server 12-SP3-LTSS
• SUSE Linux Enterprise Server 12-SP4
• SUSE Linux Enterprise Server 12-SP4-LTSS
• SUSE Linux Enterprise Server 12-SP5
• SUSE Linux Enterprise Server 15-SP3
• SUSE Linux Enterprise Server for SAP 12-SP3
• SUSE Linux Enterprise Server for SAP 12-SP4
• SUSE Linux Enterprise Server for SAP Applications
• SUSE Linux Enterprise Server for SAP Applications 15-SP3
• SUSE Linux Enterprise Workstation Extension 15-SP3
• SUSE Manager Proxy 4.2
• SUSE Manager Retail Branch Server 4.2
• SUSE Manager Server 4.2
• SUSE OpenStack Cloud 8
• SUSE OpenStack Cloud 9
• SUSE OpenStack Cloud Crowbar 8
• SUSE OpenStack Cloud Crowbar 9
• openSUSE Leap 15.3
• openSUSE Leap 15.4

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

安裝供應商提供的修補程式：

• https://www.suse.com/support/update/announcement/2022/suse-su-20222077-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222078-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222079-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222080-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222082-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222083-1/

漏洞識別碼

• CVE-2017-13695
• CVE-2018-7755
• CVE-2018-20784
• CVE-2019-19377
• CVE-2019-20811
• CVE-2020-10769
• CVE-2021-20292
• CVE-2021-20321
• CVE-2021-28688
• CVE-2021-33061
• CVE-2021-38208
• CVE-2021-39711
• CVE-2021-43389
• CVE-2022-0168
• CVE-2022-1011
• CVE-2022-1184
• CVE-2022-1353
• CVE-2022-1419
• CVE-2022-1516
• CVE-2022-1652
• CVE-2022-1729
• CVE-2022-1734
• CVE-2022-1966
• CVE-2022-1972
• CVE-2022-1974
• CVE-2022-1975
• CVE-2022-20008
• CVE-2022-21123
• CVE-2022-21125
• CVE-2022-21127
• CVE-2022-21166
• CVE-2022-21180
• CVE-2022-21499
• CVE-2022-24448
• CVE-2022-28388
• CVE-2022-28390
• CVE-2022-30594

資料來源

• AusCERT
• SUSE

相關連結

• https://www.auscert.org.au/bulletins/ESB-2022.2955
• https://www.auscert.org.au/bulletins/ESB-2022.2956
• https://www.auscert.org.au/bulletins/ESB-2022.2957
• https://www.auscert.org.au/bulletins/ESB-2022.2958
• https://www.auscert.org.au/bulletins/ESB-2022.2972
• https://www.auscert.org.au/bulletins/ESB-2022.2973
• https://www.suse.com/support/update/announcement/2022/suse-su-20222077-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222078-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222079-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222080-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222082-1/
• https://www.suse.com/support/update/announcement/2022/suse-su-20222083-1/