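CVE ID: CVE-2002-1319
Exploitation status: None yet
Patch status: N/A
Disclosure date: 2002-12-11

Vulnerability description

The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear the TF and NT EFLAGs.

Remediation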
Linux
-----
Linus Torvalds has released an upgrade patch to fix this security issue:

# The following is the BitKeeper ChangeSet Log# --------------------------------------------# 02/11/14 [email protected] 1.848# Fix impressive call gate misuse DoS reported on bugtraq.# --------------------------------------------# 02/11/14 [email protected] 1.849# Duh. Fix the other lcall entry point too.# --------------------------------------------#diff -Nru a/arch/i386/kernel/entry.S b/arch/i386/kernel/entry.S--- a/arch/i386/kernel/entry.S Thu Nov 14 09:59:08 2002+++ b/arch/i386/kernel/entry.S Thu Nov 14 09:59:08 2002@@ -66,7 +66,9 @@OLDSS = 0x38CF_MASK = 0x00000001+TF_MASK = 0x00000100IF_MASK = 0x00000200+DF_MASK = 0x00000400NT_MASK = 0x00004000VM_MASK = 0x00020000@@ -134,6 +136,17 @@movl %eax,EFLAGS(%esp) #movl %edx,EIP(%esp) # Now we move them to their "normal" placesmovl %ecx,CS(%esp) #++ #+ # Call gates don't clear TF and NT in eflags like+ # traps do, so we need to do it ourselves.+ # %eax already contains eflags (but it may have+ # DF set, clear that also+ #+ andl $~(DF_MASK | TF_MASK | NT_MASK),%eax+ pushl %eax+ popfl+movl %esp, %ebxpushl %ebxandl $-8192, %ebx # GET_THREAD_INFO@@ -156,6 +169,17 @@movl %eax,EFLAGS(%esp) #movl %edx,EIP(%esp) # Now we move them to their "normal" placesmovl %ecx,CS(%esp) #++ #+ # Call gates don't clear TF and NT in eflags like+ # traps do, so we need to do it ourselves.+ # %eax already contains eflags (but it may have+ # DF set, clear that also+ #+ andl $~(DF_MASK | TF_MASK | NT_MASK),%eax+ pushl %eax+ popfl+movl %esp, %ebxpushl %ebxandl $-8192, %ebx # GET_THREAD_INFO

Trustix
-------
Trustix has released a security advisory (TSLSA-2002-0077) and corresponding patches for this issue:

TSLSA-2002-0077: kernel
Link: http://www.trustix.net/errata/misc/2002/TSL-2002-0077-kernel.asc.txt
Patch download: http://www.trustix.net/pub/Trustix/updates/

RedHat
------
RedHat has released a security advisory (RHSA-2002:264-05) and corresponding patches for this issue:

RHSA-2002:264-05: New kernel 2.2 packages fix local denial of service issue
Link: https://www.redhat.com/support/errata/RHSA-2002-264.html
Patch downloads:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/kernel-2.2.22-6.2.3.src.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/kernel-smp-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-BOOT-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-ibcs-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-utils-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-pcmcia-cs-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-doc-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-headers-2.2.22-6.2.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/kernel-source-2.2.22-6.2.3.i386.rpm

i586:
ftp://updates.redhat.com/6.2/en/os/i586/kernel-smp-2.2.22-6.2.3.i586.rpm
ftp://updates.redhat.com/6.2/en/os/i586/kernel-2.2.22-6.2.3.i586.rpm

i686:
ftp://updates.redhat.com/6.2/en/os/i686/kernel-enterprise-2.2.22-6.2.3.i686.rpm
ftp://updates.redhat.com/6.2/en/os/i686/kernel-smp-2.2.22-6.2.3.i686.rpm
ftp://updates.redhat.com/6.2/en/os/i686/kernel-2.2.22-6.2.3.i686.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/kernel-2.2.22-7.0.3.src.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/kernel-smp-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-BOOT-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-ibcs-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-utils-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-pcmcia-cs-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-doc-2.2.22-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/kernel-source-2.2.22-7.0.3.i386.rpm

i586:
ftp://updates.redhat.com/7.0/en/os/i586/kernel-smp-2.2.22-7.0.3.i586.rpm
ftp://updates.redhat.com/7.0/en/os/i586/kernel-2.2.22-7.0.3.i586.rpm

i686:
ftp://updates.redhat.com/7.0/en/os/i686/kernel-enterprise-2.2.22-7.0.3.i686.rpm
ftp://updates.redhat.com/7.0/en/os/i686/kernel-smp-2.2.22-7.0.3.i686.rpm
ftp://updates.redhat.com/7.0/en/os/i686/kernel-2.2.22-7.0.3.i686.rpm

RedHat has released a security advisory (RHSA-2002:262-07) and corresponding patches for this issue:

RHSA-2002:262-07: New kernel fixes local denial of service issue
Link: https://www.redhat.com/support/errata/RHSA-2002-262.html
Patch downloads:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.18-18.7.x.src.rpm

athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.18-18.7.x.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.18-18.7.x.athlon.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.18-18.7.x.i386.rpm

i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.18-18.7.x.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.18-18.7.x.i586.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-debug-2.4.18-18.7.x.i686.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.18-18.7.x.src.rpm

athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.18-18.7.x.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.18-18.7.x.athlon.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.18-18.7.x.i386.rpm

i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.18-18.7.x.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.18-18.7.x.i586.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-debug-2.4.18-18.7.x.i686.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.18-18.7.x.src.rpm

athlon:
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.18-18.7.x.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.18-18.7.x.athlon.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.18-18.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.18-18.7.x.i386.rpm

i586:
ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.18-18.7.x.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.18-18.7.x.i586.rpm

i686:
ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.18-18.7.x.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-debug-2.4.18-18.7.x.i686.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.18-18.8.0.src.rpm

athlon:
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.18-18.8.0.athlon.rpm
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.18-18.8.0.athlon.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.18-18.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.18-18.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.18-18.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.18-18.8.0.i386.rpm

i586:
ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.18-18.8.0.i586.rpm
ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.18-18.8.0.i586.rpm

i686:
ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.18-18.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.18-18.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.18-18.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-debug-2.4.18-18.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-uml-2.4.18-18.8.0.i686.rpm

The patches can be installed with the following command:

rpm -Fvh [filename]
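
Review bot: in the entry.S hunk at @@ -134,6 +136,17 @@ the mask is applied to %eax only after the context line `movl %eax,EFLAGS(%esp)` has stored the unmasked value, so the live flags register is cleaned while the saved copy on the stack still carries TF, NT and DF. If that is intentional, so that the caller's flags come back on return, the added comment should say so. The comment's parenthesis "(but it may have DF set, clear that also" is also never closed.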
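
Review bot: the eleven lines added in the entry.S hunk at @@ -156,6 +169,17 @@ are a verbatim copy of those added at @@ -134,6 +136,17 @@, and the ChangeSet log shows the second lcall entry point was missed in 1.848 and only caught in 1.849. Suggest moving the `andl $~(DF_MASK | TF_MASK | NT_MASK),%eax` / `pushl %eax` / `popfl` sequence into a single macro used by both entry points, so a later change to the flag handling cannot reach one path and miss the other.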
Reference links

- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000553
- http://marc.info/?l=bugtraq&m=103714004623587&w=2
- http://marc.info/?l=bugtraq&m=103737292709297&w=2
- http://rhn.redhat.com/errata/RHSA-2002-262.html
- http://rhn.redhat.com/errata/RHSA-2002-264.html
- http://www.redhat.com/support/errata/RHSA-2002-263.html
- http://www.securityfocus.com/bid/6115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10576

Affected software

Runs in the following environments:

Type | Vendor | Product | Version | Scope of impact |
---|---|---|---|---|
System | linux | linux_kernel | 2.2.13 | - |
System | linux | linux_kernel | 2.2.14 | - |
System | linux | linux_kernel | 2.2.15 | - |
System | linux | linux_kernel | 2.2.16 | - |
System | linux | linux_kernel | 2.2.17 | - |
System | linux | linux_kernel | 2.2.18 | - |
System | linux | linux_kernel | 2.2.19 | - |
System | linux | linux_kernel | 2.2.20 | - |
System | linux | linux_kernel | 2.2.21 | - |
System | linux | linux_kernel | 2.4.1 | - |
System | linux | linux_kernel | 2.4.10 | - |
System | linux | linux_kernel | 2.4.11 | - |
System | linux | linux_kernel | 2.4.12 | - |
System | linux | linux_kernel | 2.4.13 | - |
System | linux | linux_kernel | 2.4.14 | - |
System | linux | linux_kernel | 2.4.15 | - |
System | linux | linux_kernel | 2.4.16 | - |
System | linux | linux_kernel | 2.4.17 | - |
System | linux | linux_kernel | 2.4.18 | - |
System | linux | linux_kernel | 2.4.19 | - |
System | linux | linux_kernel | 2.4.2 | - |
System | linux | linux_kernel | 2.4.3 | - |
System | linux | linux_kernel | 2.4.4 | - |
System | linux | linux_kernel | 2.4.5 | - |
System | linux | linux_kernel | 2.4.6 | - |
System | linux | linux_kernel | 2.4.7 | - |
System | linux | linux_kernel | 2.4.8 | - |
System | linux | linux_kernel | 2.4.9 | - |
System | trustix | secure_linux | 1.1 | - |
System | trustix | secure_linux | 1.2 | - |
System | trustix | secure_linux | 1.5 | - |

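- Attack vector: Local
- Attack complexity: Low
- Privileges required: None
- Scope: N/A
- User interaction: None
- Availability: Partial
- Confidentiality: None
- Integrity: None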