安全漏洞

安全漏洞补丁公告

客户服务门户 技术服务 培训服务 常见问题 产品试用申请 技术文档下载 安全漏洞 系统更新 文档中心
当前位置  >  首页  >  服务支持  >  安全漏洞  >  安全漏洞补丁公告

公告ID(KYSA-202107-0017

公告ID:KYSA-202107-0017 公告摘要: systemd安全漏洞 等级:中等 发布日期:2022-11-23

详细介绍

1. 修复的CVE CVE-2021-33910 systemd是德国Lennart Poettering个人开发者的一款基于Linux的系统和服务管理器。该产品兼容了SysV和LSB的启动脚本,且提供了一个用来表示系统服务间依赖关系的框架。systemd 220到248版本存在安全漏洞,该漏洞源于basic/unit-name.c 的内存分配具有过大的大小值。本地攻击者可利用该漏洞将文件系统挂载在很长的路径上,通过在堆栈中分配很大的空间使systemd和整个系统崩溃。 CVE-2020-13529 systemd是德国Lennart Poettering个人开发者的一款基于Linux的系统和服务管理器。该产品兼容了SysV和LSB的启动脚本,且提供了一个用来表示系统服务间依赖关系的框架。systemd 存在安全漏洞,该漏洞源于在处理DHCP ACK数据包时使用了可预测的事务标识符。以下产品及版本受到影响:216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 241 rc1, 241 rc2, 242, 242 rc1, 242 rc2, 242 rc3, 242 rc4, 243, 243 rc1, 243 rc2, 243.1, 243.2, 243.3, 243.4, 243.6, 243.7, 243.8, 243.9, 244, 244 rc1, 244.1, 244.2, 244.3, 244.4, 244.5, 245, 245 rc1, 245.1, 245.2, 245.3, 245.4, 245.5, 245.6, 245.7, 245.8, 245.9, 246, 246.1, 246.2, 246.3, 246.4, 246.5, 246.6, 246.7, 246.8, 246.9, 246.10, 246.11, 246.12, 246.13, 247, 247.1, 247.2, 247.3, 247.4, 247.5, 247.6。 2. 受影响的操作系统及软件包 ·银河麒麟桌面操作系统V10 SP1 libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libpam-systemd libsystemd-dev libsystemd0 libudev-dev libudev1 systemd systemd-container systemd-coredump systemd-journal-remote systemd-sysv systemd-tests systemd-timesyncd udev 3. 软件包修复版本 软件包:systemd 245.4-4kylin3.11k14(V10 SP1) 4. 修复方法 方法一:配置源进行升级安装 打开软件包源配置文件,根据仓库地址进行修改。 4.0.2-sp1: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp1-desktop main restricted universe multiverse 4.0.2-sp2: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-desktop main restricted universe multiverse 4.0.2-sp3: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp3-desktop main restricted universe multiverse 4.0.2-sp4: http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp4-desktop main restricted universe multiverse 10.0: http://archive.kylinos.cn/kylin/KYLIN-ALL 10.0 main restricted universe multiverse 10.0 SP1: http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main restricted universe multiverse 配置完成后执行更新命令进行升级 $sudo apt update 方法二:下载安装包进行升级安装 通过软件包地址下载软件包,使用软件包升级命令根据受影响的组件包列表 升级相关的组件包。 #dpkg -i Packagelists 5. 软件包下载地址 银河麒麟操作系统桌面版V10 SP1 X86_64软件包下载地址 http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-myhostname_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-mymachines_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-resolve_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-systemd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libpam-systemd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd-dev_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd0_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev-dev_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev1_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-container_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-coredump_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-journal-remote_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-sysv_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-tests_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-timesyncd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd_245.4-4kylin3.11k14_amd64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/udev_245.4-4kylin3.11k14_amd64.deb arm64软件包下载地址 http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-myhostname_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-mymachines_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-resolve_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-systemd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libpam-systemd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd-dev_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd0_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev-dev_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev1_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-container_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-coredump_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-journal-remote_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-sysv_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-tests_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-timesyncd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd_245.4-4kylin3.11k14_arm64.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/udev_245.4-4kylin3.11k14_arm64.deb mips64el软件包下载地址 http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-myhostname_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-mymachines_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-resolve_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libnss-systemd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libpam-systemd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd-dev_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libsystemd0_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev-dev_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/libudev1_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-container_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-coredump_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-journal-remote_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-sysv_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-tests_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd-timesyncd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/systemd_245.4-4kylin3.11k14_mips64el.deb http://archive.kylinos.cn/kylin/KYLIN-ALL/pool/main/s/systemd/udev_245.4-4kylin3.11k14_mips64el.deb 6. 修复验证 使用软件包查询命令,查看相关的软件包版本大于或等于修复版本则成功修复。 $sudo dpkg -l |grep Package 注:Package为软件包包名。
上一篇: KYSA-202108-0004 下一篇: KYSA-202107-0012

服务热线

400-089-1870

版权所有 麒麟软件有限公司 Copyright 2020. kylinos.cn. All Rights Reserved. 网站备案号: 津ICP备15002470号-1  

试用

服务

动态

联系