CVE编号
CVE-2017-7533利用情况
暂无补丁情况
官方补丁披露时间
2017-08-06漏洞描述
Linux kernel through 4.12.4中的fsnotify实现中的争用条件允许本地用户通过精心设计的应用程序(其同时利用inotify_handle_event和vfs_rename函数的执行)获得特权或导致服务拒绝(内存损坏)。解决建议
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9e
http://openwall.com/lists/oss-security/2017/08/03/2
https://bugzilla.redhat.com/show_bug.cgi?id=1468283
https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e
https://patchwork.kernel.org/patch/9755753/
https://patchwork.kernel.org/patch/9755757/
参考链接 |
|
|---|---|
| http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d... | |
| http://openwall.com/lists/oss-security/2017/08/03/2 | |
| http://www.debian.org/security/2017/dsa-3927 | |
| http://www.debian.org/security/2017/dsa-3945 | |
| http://www.openwall.com/lists/oss-security/2019/06/27/7 | |
| http://www.openwall.com/lists/oss-security/2019/06/28/1 | |
| http://www.openwall.com/lists/oss-security/2019/06/28/2 | |
| http://www.securityfocus.com/bid/100123 | |
| http://www.securitytracker.com/id/1039075 | |
| https://access.redhat.com/errata/RHSA-2017:2473 | |
| https://access.redhat.com/errata/RHSA-2017:2585 | |
| https://access.redhat.com/errata/RHSA-2017:2669 | |
| https://access.redhat.com/errata/RHSA-2017:2770 | |
| https://access.redhat.com/errata/RHSA-2017:2869 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1468283 | |
| https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9e | |
| https://patchwork.kernel.org/patch/9755753/ | |
| https://patchwork.kernel.org/patch/9755757/ | |
| https://source.android.com/security/bulletin/2017-12-01 | |
| https://www.mail-archive.com/[email protected]/msg1408967.html |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | linux | linux_kernel | * |
Up to (including) 4.12.4 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_7 | kernel | * |
Up to (excluding) 0:3.10.0-693.1.1.el7 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_7 | kernel-rt | * |
Up to (excluding) 0:3.10.0-693.2.1.rt56.620.el7 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | sles_12 | kernel-default | * |
Up to (excluding) 4.4.74-92.32 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_14.04_lts | linux-aws | * |
Up to (excluding) 4.4.0-1002.2 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_16.04_lts | linux | * |
Up to (excluding) 4.4.0-89.112 |
|||||
- 攻击路径 本地
- 攻击复杂度 困难
- 权限要求 普通权限
- 影响范围 有限影响
- EXP成熟度 未验证
- 补丁情况 官方补丁
- 数据保密性 无影响
- 数据完整性 无影响
- 服务器危害 无影响
- 全网数量 100
还没有评论,来说两句吧...