SUSE Linux 內核多個漏洞
發佈日期:
2022年06月17日
1728
觀看次數
風險: 中度風險
類型: 操作系統 - LINUX
於 SUSE 產品發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發權限提升、阻斷服務狀況、資料洩露、遠端執行程式碼、篡改及繞過保安限制。
影響
- 權限提升
- 繞過保安限制
- 篡改
- 資料洩露
- 阻斷服務
- 遠端執行程式碼
受影響之系統或技術
- HPE Helion Openstack 8
- SUSE Linux Enterprise Desktop 15-SP3
- SUSE Linux Enterprise High Availability 12-SP3
- SUSE Linux Enterprise High Availability 12-SP4
- SUSE Linux Enterprise High Availability 15-SP3
- SUSE Linux Enterprise High Performance Computing
- SUSE Linux Enterprise High Performance Computing 12-SP3
- SUSE Linux Enterprise High Performance Computing 12-SP4
- SUSE Linux Enterprise High Performance Computing 15-SP3
- SUSE Linux Enterprise Live Patching 12-SP4
- SUSE Linux Enterprise Micro 5.1
- SUSE Linux Enterprise Micro 5.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3
- SUSE Linux Enterprise Module for Development Tools 15-SP3
- SUSE Linux Enterprise Module for Legacy Software 15-SP3
- SUSE Linux Enterprise Module for Live Patching 15-SP3
- SUSE Linux Enterprise Module for Public Cloud 15-SP3
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server 12-SP2-BCL
- SUSE Linux Enterprise Server 12-SP3
- SUSE Linux Enterprise Server 12-SP3-BCL
- SUSE Linux Enterprise Server 12-SP3-LTSS
- SUSE Linux Enterprise Server 12-SP4
- SUSE Linux Enterprise Server 12-SP4-LTSS
- SUSE Linux Enterprise Server 12-SP5
- SUSE Linux Enterprise Server 15-SP3
- SUSE Linux Enterprise Server for SAP 12-SP3
- SUSE Linux Enterprise Server for SAP 12-SP4
- SUSE Linux Enterprise Server for SAP Applications
- SUSE Linux Enterprise Server for SAP Applications 15-SP3
- SUSE Linux Enterprise Workstation Extension 15-SP3
- SUSE Manager Proxy 4.2
- SUSE Manager Retail Branch Server 4.2
- SUSE Manager Server 4.2
- SUSE OpenStack Cloud 8
- SUSE OpenStack Cloud 9
- SUSE OpenStack Cloud Crowbar 8
- SUSE OpenStack Cloud Crowbar 9
- openSUSE Leap 15.3
- openSUSE Leap 15.4
解決方案
在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。
安裝供應商提供的修補程式:
- https://www.suse.com/support/update/announcement/2022/suse-su-20222077-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222078-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222079-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222080-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222082-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222083-1/
漏洞識別碼
- CVE-2017-13695
- CVE-2018-7755
- CVE-2018-20784
- CVE-2019-19377
- CVE-2019-20811
- CVE-2020-10769
- CVE-2021-20292
- CVE-2021-20321
- CVE-2021-28688
- CVE-2021-33061
- CVE-2021-38208
- CVE-2021-39711
- CVE-2021-43389
- CVE-2022-0168
- CVE-2022-1011
- CVE-2022-1184
- CVE-2022-1353
- CVE-2022-1419
- CVE-2022-1516
- CVE-2022-1652
- CVE-2022-1729
- CVE-2022-1734
- CVE-2022-1966
- CVE-2022-1972
- CVE-2022-1974
- CVE-2022-1975
- CVE-2022-20008
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21127
- CVE-2022-21166
- CVE-2022-21180
- CVE-2022-21499
- CVE-2022-24448
- CVE-2022-28388
- CVE-2022-28390
- CVE-2022-30594
資料來源
相關連結
- https://www.auscert.org.au/bulletins/ESB-2022.2955
- https://www.auscert.org.au/bulletins/ESB-2022.2956
- https://www.auscert.org.au/bulletins/ESB-2022.2957
- https://www.auscert.org.au/bulletins/ESB-2022.2958
- https://www.auscert.org.au/bulletins/ESB-2022.2972
- https://www.auscert.org.au/bulletins/ESB-2022.2973
- https://www.suse.com/support/update/announcement/2022/suse-su-20222077-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222078-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222079-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222080-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222082-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222083-1/
分享至