检测

Oracle Linux 9:内核 (ELSA-2024-8617)

high Nessus 插件 ID 210013

语言:

简介

远程 Oracle Linux 主机缺少一个或多个安全更新。

描述

远程 Oracle Linux 9 主机上安装的程序包受到 ELSA-2024-8617 公告中提及的多个漏洞影响。

 - redhat/configs:添加 CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:修复 BHI retpoline 检查 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:使用 CONFIG_MITIGATION_SPECTRE_BHI 替换 CONFIG_SPECTRE_BHI_{ON,OFF} (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:移除 CONFIG_BHI_MITIGATION_AUTO 和 spectre_bhi=auto (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:明确 syscall 强化不是 BHI 缓解措施 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:修复对 RRSBA 的 BHI 处理 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:将“ia32_cap”变量重命名为“x86_arch_cap_msr”(Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:缓存 MSR_IA32_ARCH_CAPABILITIES 的值 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:修复 BHI 文档 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:修复 spectre_bhi_state() 的返回类型 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:将 CONFIG_SPECTRE_BHI_ON 设为默认设置 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - KVM:x86:添加 BHI_NO (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/bhi:默认缓解 KVM (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/bhi:默认添加 BHI 缓解 knob (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/bhi:枚举分支历史记录注入 (BHI) 错误 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/bhi:定义 SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/bhi:添加对清除系统调用条目处的分支历史记录的支持 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - x86/缺陷:将“spectre_v2”sysfs 文件中的逗号更改为分号 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - perf/x86/amd/lbr:根据可用性使用冻结 (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - Documentation/kernel-parameters: 添加 spec_rstack_overflow 到 mitigations=off (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
 - scsi:core:修复未删除的 procfs 主机目录回归 (Ewan D. Milne) [RHEL-39539 RHEL-39601 RHEL-33543 RHEL-35000] {CVE-2024-26935}
 - tty:修复 imageblit 中的越界 vmalloc 访问 (Andrew Halaney) [RHEL-42095 RHEL-24205] {CVE-2021-47383}
 - block:在将完整性缓冲区写入媒体之前,将其初始化为零 (Ming Lei) [RHEL-54769 RHEL-54768] {CVE-2024-43854}
 - netfilter:nft_inner:验证强制元数据和负载 (Phil Sutter) [RHEL-47488 RHEL-47486] {CVE-2024-39504}
 - netfilter:flowtable:在使用前初始化 extack (CKI Backport Bot) [RHEL-58546 RHEL-58544] {CVE-2024-45018}
 - ext4:不要在缓冲区锁定下创建 EA inode (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
 - ext4:将配额核算纳入 ext4_xattr_inode_lookup_create() (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
 - ext4:修复 __ext4_fill_super() 中未初始化的 ratelimit_state->lock 访问 (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
 - ext4:如果启用配额后挂载失败,则关闭配额 (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
 - mptcp:修复从过时子流重新注入数据的问题 (Davide Caratti) [RHEL-59920 RHEL-32669] {CVE-2024-26826}
 - xfs:将边界检查添加到 xlog_recover_process_data (CKI Backport Bot) [RHEL-50864 RHEL-50862] {CVE-2024-41014}
 - af_unix:修复垃圾回收器与 connect() 的争用问题 (Davide Caratti) [RHEL-42771 RHEL-33410] {CVE-2024-26923}
 - xfs:不要离开目录数据块的结尾 (CKI Backport Bot) [RHEL-50887 RHEL-50885] {CVE-2024-41013}
 - ipv6:防止 rt6_probe() 中可能存在的空取消引用 (Hangbin Liu) [RHEL-48161 RHEL-45826] {CVE-2024-40960}
 - mac802154:修复 mac802154_llsec_key_del 中的 llsec 密钥资源释放问题 (Steve Best) [RHEL-42795 RHEL-34969] {CVE-2024-26961}
 - mptcp:确保连接时正确初始化 snd_una (Florian Westphal) [RHEL-47945 RHEL-47943] {CVE-2024-40931}
 - USB:class:cdc-wdm:修复过多日志消息造成的 CPU 锁定 (CKI Backport Bot) [RHEL-47560 RHEL-47558] {CVE-2024-40904}
 - xfs:为旧 h_size 补丁修复日志恢复缓冲区分配 (Bill O'Donnell) [RHEL-46481 RHEL-46479] {CVE-2024-39472}
 - tcp:添加健全性检查到 rx zerocopy (Paolo Abeni) [RHEL-58403 RHEL-29496] {CVE-2024-26640}
 - netpoll:修复 netpoll_owner_active 中的争用条件 (CKI Backport Bot) [RHEL-49373 RHEL-49371] {CVE-2024-41005}
 - wifi:mt76: mt7921s:修复芯片恢复期间潜在的挂起任务 (CKI Backport Bot) [RHEL-48321 RHEL-48319] {CVE-2024-40977}
 - net/sched: act_api:修复 tcf_idr_check_alloc() 中可能存在的无限循环漏洞 (Davide Caratti) [RHEL-48483 RHEL-44375] {CVE-2024-40995}
 - net/sched:net/sched: taprio:将最小间隔限制也扩展到整个周期 (Davide Caratti) [RHEL-44377 RHEL-44375] {CVE-2024-36244}

Tenable 已直接从 Oracle Linux 安全公告中提取上述描述块。

请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。

解决方案

更新受影响的程序包。

另见

https://linux.oracle.com/errata/ELSA-2024-8617.html

插件详情

严重性: High

ID: 210013

文件名: oraclelinux_ELSA-2024-8617.nasl

版本: 1.3

类型: local

代理: unix

发布时间: 2024/10/31

最近更新时间: 2025/1/3

支持的传感器: Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

风险信息

VPR

风险因素: Medium

分数: 6.7

CVSS v2

风险因素: Medium

基本分数: 6.8

时间分数: 5

矢量: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS 分数来源: CVE-2024-26961

CVSS v3

风险因素: High

基本分数: 7.8

时间分数: 6.8

矢量: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

时间矢量: CVSS:3.0/E:U/RL:O/RC:C

漏洞信息

CPE: p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:kernel-debug-modules-extra, cpe:/a:oracle:linux:9::codeready_builder, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:python3-perf, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:rv, p-cpe:/a:oracle:linux:kernel-debug-modules-core, p-cpe:/a:oracle:linux:kernel-modules-extra, p-cpe:/a:oracle:linux:kernel-debug-devel-matched, p-cpe:/a:oracle:linux:kernel-devel, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:kernel, cpe:/a:oracle:linux:9::appstream, p-cpe:/a:oracle:linux:kernel-core, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-devel-matched, p-cpe:/a:oracle:linux:kernel-cross-headers, p-cpe:/a:oracle:linux:kernel-debug-devel, p-cpe:/a:oracle:linux:libperf, p-cpe:/a:oracle:linux:rtla, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:kernel-modules, p-cpe:/a:oracle:linux:kernel-uki-virt, p-cpe:/a:oracle:linux:kernel-abi-stablelists, p-cpe:/a:oracle:linux:kernel-debug-core, cpe:/o:oracle:linux:9::baseos_latest, p-cpe:/a:oracle:linux:kernel-modules-core, p-cpe:/a:oracle:linux:bpftool, cpe:/o:oracle:linux:9:4:baseos_patch, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-debug-uki-virt, p-cpe:/a:oracle:linux:kernel-debug-modules

必需的 KB 项: Host/OracleLinux, Host/RedHat/release, Host/RedHat/rpm-list, Host/local_checks_enabled

易利用性: No known exploits are available

补丁发布日期: 2024/10/30

漏洞发布日期: 2024/2/15

参考资料信息

CVE: CVE-2021-47383, CVE-2024-2201, CVE-2024-26640, CVE-2024-26826, CVE-2024-26923, CVE-2024-26935, CVE-2024-26961, CVE-2024-36244, CVE-2024-39472, CVE-2024-39504, CVE-2024-40904, CVE-2024-40931, CVE-2024-40960, CVE-2024-40972, CVE-2024-40977, CVE-2024-40995, CVE-2024-40998, CVE-2024-41005, CVE-2024-41013, CVE-2024-41014, CVE-2024-43854, CVE-2024-45018

IAVA: 2024-A-0228-S