漏洞信息详情

Linux kernel 缓冲区错误漏洞

• CNNVD编号：CNNVD-201906-903
• 危害等级： 高危
  
• CVE编号： CVE-2019-12817
• 漏洞类型： 缓冲区错误
• 发布时间： 2019-06-24
• 威胁类型： 本地
• 更新时间： 2022-04-19
• 厂        商：
• 漏洞来源： Ubuntu,Michael Ell...

漏洞简介

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。

Linux kernel 5.1.15之前版本中的arch/powerpc/mm/mmu_context_book3s64.c文件存在安全漏洞。本地攻击者可利用该漏洞访问其他进程的内存内容或损坏其他进程的内存。

漏洞公告

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc

参考网址

来源:UBUNTU

链接:https://usn.ubuntu.com/4031-1/

来源:BUGTRAQ

链接:https://seclists.org/bugtraq/2019/Aug/13

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/WSKLL2374YGFQR6LSVCFGTTCRGBTLAWZ/

来源:CONFIRM

链接:https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.15

来源:SUSE

链接:http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.HTML

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2019:2703

来源:BID

链接:https://www.securityfocus.com/bid/108884

来源:access.redhat.com

链接:https://access.redhat.com/security/cve/cve-2019-12817

来源:bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=1720616

来源:git.kernel.org

链接:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f384796c40dc

来源:www.kernel.org

链接:http://www.kernel.org/

来源:CONFIRM

链接:https://support.f5.com/csp/article/K12876166?utm_source=f5support&utm_medium=RSS

来源:MISC

链接:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc

来源:www.openwall.com

链接:http://www.openwall.com/lists/oss-security/2019/06/24/5

来源:FEDORA

链接:https://lists.fedoraproject.org/archives/list/[email protected]/message/OTLN3KQYEEWWAJYA4BUYYDMWWXCJQNV2/

来源:DEBIAN

链接:https://www.debian.org/security/2019/dsa-4495

来源:usn.ubuntu.com

链接:https://usn.ubuntu.com/4031-1/

来源:www.suse.com

链接:https://www.suse.com/support/update/announcement/2019/suse-su-20191744-1.HTML

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.2271/

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Linux-kernel-read-write-access-via-PowerPC-Processes-Memory-29611

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2019.2469/

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-vyatta-5600-vrouter-software-patches-release-1801-ze-2/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/153413/Ubuntu-Security-Notice-USN-4031-1.HTML

来源:www.nsfocus.net

链接:http://www.nsfocus.net/vulndb/43549

来源:www.securityfocus.com

链接:https://www.securityfocus.com/bid/108884

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2019-12817

受影响实体

暂无

补丁

• Linux kernel 安全漏洞的修复措施