漏洞信息详情
Linux Kernel IOPERM系统调用I/O端口访问漏洞
- CNNVD编号:CNNVD-200306-073
- 危害等级: 低危
- CVE编号: CVE-2003-0246
- 漏洞类型: 设计错误
- 发布时间: 2003-05-14
- 威胁类型: 本地
- 更新时间: 2005-10-20
- 厂 商: linux
- 漏洞来源: Martin J. Bligh※ m...
漏洞简介
Linux Kernel是开放源代码的Linux内核系统。 Linux的ioperm系统调用存在程序设计错误,本地攻击者可以利用这个漏洞读/写访问系统的I/O端口。 ioperm由于设计问题可允许非特权用户获得对系统I/O端口的读和写访问。当特权进程使用时,ioperm系统调用也会不正确地限制权限。
漏洞公告
临时解决方法: 如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
* Linux 2.5.69版本中未测试和非官方补丁如下:
diff -urN linux-2.5.64-bk5/arch/i386/kernel/ioport.c linux/arch/i386/kernel/ioport.c
--- linux-2.5.64-bk5/arch/i386/kernel/ioport.c2003-02-24 14:59:03.000000000 -0500
+++ linux/arch/i386/kernel/ioport.c2003-03-14 10:19:48.000000000 -0500
@@ -84,15 +84,17 @@
t->ts_io_bitmap = bitmap;
}
-tss = init_tss + get_cpu();
-if (bitmap)
-tss->bitmap = IO_BITMAP_OFFSET;/* Activate it in the TSS */
-
/*
* do it in the per-thread copy and in the TSS ...
*/
set_bitmap(t->ts_io_bitmap, from, num, !turn_on);
-set_bitmap(tss->io_bitmap, from, num, !turn_on);
+tss = init_tss + get_cpu();
+if (tss->bitmap == IO_BITMAP_OFFSET) { /* already active? */
+set_bitmap(tss->io_bitmap, from, num, !turn_on);
+} else {
+memcpy(tss->io_bitmap, t->ts_io_bitmap, IO_BITMAP_BYTES);
+tss->bitmap = IO_BITMAP_OFFSET;/* Activate it in the TSS */
+}
put_cpu();
out:
return ret; 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2003:172-00)以及相应补丁:
RHSA-2003:172-00:Updated 2.4 kernel fixes security vulnerabilities and various bugs
链接:https://www.redhat.com/support/errata/RHSA-2003-172.HTML
补丁下载:
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm
athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm
i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.20-13.7.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm
i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm
athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm
i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.20-13.7.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm
i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm
athlon:
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm
i586:
ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.20-13.7.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm
i686:
ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm
Red Hat Linux 8.0:
SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.20-13.8.src.rpm
ftp://updates.redhat.com/8.0/en/os/SRPMS/oprofile-0.4-44.8.1.src.rpm
athlon:
参考网址
来源: REDHAT 名称: RHSA-2003:172 链接:http://www.redhat.com/support/errata/RHSA-2003-172.HTML 来源: DEBIAN 名称: DSA-311 链接:http://www.debian.org/security/2003/dsa-311 来源: ENGARDE 名称: ESA-20030515-017 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=105301461726555&w=2 来源: TURBO 名称: TLSA-2003-41 链接:http://www.turbolinux.com/security/TLSA-2003-41.txt 来源: REDHAT 名称: RHSA-2003:147 链接:http://www.redhat.com/support/errata/RHSA-2003-147.HTML 来源: DEBIAN 名称: DSA-442 链接:http://www.debian.org/security/2004/dsa-442 来源: DEBIAN 名称: DSA-336 链接:http://www.debian.org/security/2003/dsa-336 来源: DEBIAN 名称: DSA-332 链接:http://www.debian.org/security/2003/dsa-332 来源: DEBIAN 名称: DSA-312 链接:http://www.debian.org/security/2003/dsa-312 来源: VULNWATCH 名称: 20030520 Linux 2.4 kernel ioperm vuln 链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0076.HTML 来源: MANDRAKE 名称: MDKSA-2003:074 链接:http://www.mandriva.com/security/advisories?name=MDKSA-2003:074 来源: MANDRAKE 名称: MDKSA-2003:066 链接:http://www.mandriva.com/security/advisories?name=MDKSA-2003:066 来源: US Government Resource: oval:org.mitre.oval:def:278 名称: oval:org.mitre.oval:def:278 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:278
受影响实体
- Linux Linux_kernel:2.5.38
- Linux Linux_kernel:2.5.24
- Linux Linux_kernel:2.5.69
- Linux Linux_kernel:2.5.64
- Linux Linux_kernel:2.5.65
补丁
暂无
评论