漏洞信息详情
Linux kernel 缓冲区错误漏洞
- CNNVD编号:CNNVD-201906-903
- 危害等级: 高危
- CVE编号: CVE-2019-12817
- 漏洞类型: 缓冲区错误
- 发布时间: 2019-06-24
- 威胁类型: 本地
- 更新时间: 2022-04-19
- 厂 商:
- 漏洞来源: Ubuntu,Michael Ell...
漏洞简介
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel 5.1.15之前版本中的arch/powerpc/mm/mmu_context_book3s64.c文件存在安全漏洞。本地攻击者可利用该漏洞访问其他进程的内存内容或损坏其他进程的内存。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc
参考网址
来源:UBUNTU
链接:https://usn.ubuntu.com/4031-1/
来源:BUGTRAQ
链接:https://seclists.org/bugtraq/2019/Aug/13
来源:FEDORA
链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/WSKLL2374YGFQR6LSVCFGTTCRGBTLAWZ/
来源:CONFIRM
链接:https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.15
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.HTML
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:2703
来源:BID
链接:https://www.securityfocus.com/bid/108884
来源:access.redhat.com
链接:https://access.redhat.com/security/cve/cve-2019-12817
来源:bugzilla.redhat.com
链接:https://bugzilla.redhat.com/show_bug.cgi?id=1720616
来源:git.kernel.org
链接:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f384796c40dc
来源:www.kernel.org
链接:http://www.kernel.org/
来源:CONFIRM
链接:https://support.f5.com/csp/article/K12876166?utm_source=f5support&utm_medium=RSS
来源:MISC
链接:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc
来源:www.openwall.com
链接:http://www.openwall.com/lists/oss-security/2019/06/24/5
来源:FEDORA
链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/OTLN3KQYEEWWAJYA4BUYYDMWWXCJQNV2/
来源:DEBIAN
链接:https://www.debian.org/security/2019/dsa-4495
来源:usn.ubuntu.com
链接:https://usn.ubuntu.com/4031-1/
来源:www.suse.com
链接:https://www.suse.com/support/update/announcement/2019/suse-su-20191744-1.HTML
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.2271/
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Linux-kernel-read-write-access-via-PowerPC-Processes-Memory-29611
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.2469/
来源:www.ibm.com
链接:https://www.ibm.com/blogs/psirt/security-bulletin-vyatta-5600-vrouter-software-patches-release-1801-ze-2/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/153413/Ubuntu-Security-Notice-USN-4031-1.HTML
来源:www.nsfocus.net
链接:http://www.nsfocus.net/vulndb/43549
来源:www.securityfocus.com
链接:https://www.securityfocus.com/bid/108884
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2019-12817
受影响实体
暂无
补丁
- Linux kernel 安全漏洞的修复措施
评论