Ubuntu 16.04 ESM：GCC 弱點 (USN-5770-1)

medium Nessus Plugin ID 168518

語系：

概要

遠端 Ubuntu 主機缺少安全性更新。

說明

遠端 Ubuntu 16.04 ESM 主機上安裝的多個套件受到 USN-5770-1 公告中提及的一個弱點影響。

- 在 GNU Compiler Collection (GCC) 4.6、4.7、4.8、4.9、5 版的 5.5 之前版本、6 版的 6.4 之前版本中，i386.c 的 ix86_expand_builtin 函式在某些情況下產生的指令序列會在讀取 RDRAND 和 RDSEED 內建前破壞其狀態旗標，此情況可能造成指令失敗卻未予通報。此弱點可能導致隨機產生號碼時的隨機性不足。(CVE-2017-11671)

請注意，Nessus 並未測試此問題，而是僅依據應用程式自我報告的版本號碼作出判斷。

解決方案

更新受影響的套件。

另請參閱

https://ubuntu.com/security/notices/USN-5770-1

Plugin 詳細資訊

嚴重性: Medium

ID: 168518

檔案名稱: ubuntu_USN-5770-1.nasl

版本: 1.4

類型: local

代理程式: unix

系列: Ubuntu Local Security Checks

已發布: 2022/12/8

已更新: 2023/7/10

支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

風險資訊

VPR

風險因素: Low

分數: 1.4

CVSS v2

風險因素: Low

基本分數: 2.1

時間分數: 1.6

媒介: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 評分資料來源: CVE-2017-11671

CVSS v3

風險因素: Medium

基本分數: 4

時間分數: 3.5

媒介: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

時間媒介: CVSS:3.0/E:U/RL:O/RC:C

弱點資訊

CPE: cpe:/o:canonical:ubuntu_linux:16.04:-:esm, p-cpe:/a:canonical:ubuntu_linux:cpp-5, p-cpe:/a:canonical:ubuntu_linux:fixincludes, p-cpe:/a:canonical:ubuntu_linux:g%2b%2b-5, p-cpe:/a:canonical:ubuntu_linux:g%2b%2b-5-multilib, p-cpe:/a:canonical:ubuntu_linux:gcc-5, p-cpe:/a:canonical:ubuntu_linux:gcc-5-base, p-cpe:/a:canonical:ubuntu_linux:gcc-5-locales, p-cpe:/a:canonical:ubuntu_linux:gcc-5-multilib, p-cpe:/a:canonical:ubuntu_linux:gcc-5-plugin-dev, p-cpe:/a:canonical:ubuntu_linux:gcc-5-source, p-cpe:/a:canonical:ubuntu_linux:gcc-5-test-results, p-cpe:/a:canonical:ubuntu_linux:gcc-6-base, p-cpe:/a:canonical:ubuntu_linux:gccgo-5, p-cpe:/a:canonical:ubuntu_linux:gccgo-5-multilib, p-cpe:/a:canonical:ubuntu_linux:gccgo-6, p-cpe:/a:canonical:ubuntu_linux:gccgo-6-multilib, p-cpe:/a:canonical:ubuntu_linux:gcj-5, p-cpe:/a:canonical:ubuntu_linux:gcj-5-jdk, p-cpe:/a:canonical:ubuntu_linux:libgo9, p-cpe:/a:canonical:ubuntu_linux:libgomp1, p-cpe:/a:canonical:ubuntu_linux:libitm1, p-cpe:/a:canonical:ubuntu_linux:liblsan0, p-cpe:/a:canonical:ubuntu_linux:libmpx0, p-cpe:/a:canonical:ubuntu_linux:libobjc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libobjc4, p-cpe:/a:canonical:ubuntu_linux:gcj-5-jre, p-cpe:/a:canonical:ubuntu_linux:gcj-5-jre-headless, p-cpe:/a:canonical:ubuntu_linux:gcj-5-jre-lib, p-cpe:/a:canonical:ubuntu_linux:gcj-5-source, p-cpe:/a:canonical:ubuntu_linux:gdc-5, p-cpe:/a:canonical:ubuntu_linux:gdc-5-multilib, p-cpe:/a:canonical:ubuntu_linux:gfortran-5, p-cpe:/a:canonical:ubuntu_linux:gfortran-5-multilib, p-cpe:/a:canonical:ubuntu_linux:gnat-5, p-cpe:/a:canonical:ubuntu_linux:gnat-5-sjlj, p-cpe:/a:canonical:ubuntu_linux:gobjc%2b%2b-5, p-cpe:/a:canonical:ubuntu_linux:gobjc%2b%2b-5-multilib, p-cpe:/a:canonical:ubuntu_linux:gobjc-5, p-cpe:/a:canonical:ubuntu_linux:gobjc-5-multilib, p-cpe:/a:canonical:ubuntu_linux:lib32asan2, p-cpe:/a:canonical:ubuntu_linux:lib32atomic1, p-cpe:/a:canonical:ubuntu_linux:lib32cilkrts5, p-cpe:/a:canonical:ubuntu_linux:lib32gcc-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib32gcc1, p-cpe:/a:canonical:ubuntu_linux:lib32gfortran-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib32gfortran3, p-cpe:/a:canonical:ubuntu_linux:lib32go7, p-cpe:/a:canonical:ubuntu_linux:lib32go9, p-cpe:/a:canonical:ubuntu_linux:lib32gomp1, p-cpe:/a:canonical:ubuntu_linux:lib32itm1, p-cpe:/a:canonical:ubuntu_linux:lib32lsan0, p-cpe:/a:canonical:ubuntu_linux:lib32mpx0, p-cpe:/a:canonical:ubuntu_linux:lib32objc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libphobos-5-dev, p-cpe:/a:canonical:ubuntu_linux:libquadmath0, p-cpe:/a:canonical:ubuntu_linux:libsfasan2, p-cpe:/a:canonical:ubuntu_linux:libsfatomic1, p-cpe:/a:canonical:ubuntu_linux:libsfgcc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libsfgcc1, p-cpe:/a:canonical:ubuntu_linux:libsfgfortran-5-dev, p-cpe:/a:canonical:ubuntu_linux:libsfgfortran3, p-cpe:/a:canonical:ubuntu_linux:libsfgomp1, p-cpe:/a:canonical:ubuntu_linux:libsfobjc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libsfobjc4, p-cpe:/a:canonical:ubuntu_linux:libsfphobos-5-dev, p-cpe:/a:canonical:ubuntu_linux:libsfstdc%2b%2b-5-dev, p-cpe:/a:canonical:ubuntu_linux:libsfstdc%2b%2b6, p-cpe:/a:canonical:ubuntu_linux:libsfubsan0, p-cpe:/a:canonical:ubuntu_linux:libstdc%2b%2b-5-dev, p-cpe:/a:canonical:ubuntu_linux:libstdc%2b%2b-5-pic, p-cpe:/a:canonical:ubuntu_linux:libstdc%2b%2b6, p-cpe:/a:canonical:ubuntu_linux:libtsan0, p-cpe:/a:canonical:ubuntu_linux:libubsan0, p-cpe:/a:canonical:ubuntu_linux:libx32asan2, p-cpe:/a:canonical:ubuntu_linux:libx32atomic1, p-cpe:/a:canonical:ubuntu_linux:libx32cilkrts5, p-cpe:/a:canonical:ubuntu_linux:libx32gcc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libx32gcc1, p-cpe:/a:canonical:ubuntu_linux:libx32gfortran-5-dev, p-cpe:/a:canonical:ubuntu_linux:libx32gfortran3, p-cpe:/a:canonical:ubuntu_linux:libx32go7, p-cpe:/a:canonical:ubuntu_linux:libx32go9, p-cpe:/a:canonical:ubuntu_linux:lib32objc4, p-cpe:/a:canonical:ubuntu_linux:lib32phobos-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib32quadmath0, p-cpe:/a:canonical:ubuntu_linux:lib32stdc%2b%2b-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib32stdc%2b%2b6, p-cpe:/a:canonical:ubuntu_linux:lib32ubsan0, p-cpe:/a:canonical:ubuntu_linux:lib64asan2, p-cpe:/a:canonical:ubuntu_linux:lib64atomic1, p-cpe:/a:canonical:ubuntu_linux:lib64cilkrts5, p-cpe:/a:canonical:ubuntu_linux:lib64gcc-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib64gcc1, p-cpe:/a:canonical:ubuntu_linux:lib64gfortran-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib64gfortran3, p-cpe:/a:canonical:ubuntu_linux:lib64go7, p-cpe:/a:canonical:ubuntu_linux:lib64go9, p-cpe:/a:canonical:ubuntu_linux:lib64gomp1, p-cpe:/a:canonical:ubuntu_linux:lib64itm1, p-cpe:/a:canonical:ubuntu_linux:lib64mpx0, p-cpe:/a:canonical:ubuntu_linux:lib64objc-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib64objc4, p-cpe:/a:canonical:ubuntu_linux:lib64phobos-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib64quadmath0, p-cpe:/a:canonical:ubuntu_linux:lib64stdc%2b%2b-5-dev, p-cpe:/a:canonical:ubuntu_linux:lib64stdc%2b%2b6, p-cpe:/a:canonical:ubuntu_linux:lib64ubsan0, p-cpe:/a:canonical:ubuntu_linux:libasan2, p-cpe:/a:canonical:ubuntu_linux:libatomic1, p-cpe:/a:canonical:ubuntu_linux:libcc1-0, p-cpe:/a:canonical:ubuntu_linux:libcilkrts5, p-cpe:/a:canonical:ubuntu_linux:libgcc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libgcc1, p-cpe:/a:canonical:ubuntu_linux:libgccjit-5-dev, p-cpe:/a:canonical:ubuntu_linux:libgccjit0, p-cpe:/a:canonical:ubuntu_linux:libgcj16, p-cpe:/a:canonical:ubuntu_linux:libgcj16-awt, p-cpe:/a:canonical:ubuntu_linux:libgcj16-dev, p-cpe:/a:canonical:ubuntu_linux:libgfortran-5-dev, p-cpe:/a:canonical:ubuntu_linux:libgfortran3, p-cpe:/a:canonical:ubuntu_linux:libgnat-5, p-cpe:/a:canonical:ubuntu_linux:libgnatprj5, p-cpe:/a:canonical:ubuntu_linux:libgnatprj5-dev, p-cpe:/a:canonical:ubuntu_linux:libgnatvsn5, p-cpe:/a:canonical:ubuntu_linux:libgnatvsn5-dev, p-cpe:/a:canonical:ubuntu_linux:libgo7, p-cpe:/a:canonical:ubuntu_linux:libx32lsan0, p-cpe:/a:canonical:ubuntu_linux:libx32objc-5-dev, p-cpe:/a:canonical:ubuntu_linux:libx32objc4, p-cpe:/a:canonical:ubuntu_linux:libx32phobos-5-dev, p-cpe:/a:canonical:ubuntu_linux:libx32quadmath0, p-cpe:/a:canonical:ubuntu_linux:libx32stdc%2b%2b-5-dev, p-cpe:/a:canonical:ubuntu_linux:libx32stdc%2b%2b6, p-cpe:/a:canonical:ubuntu_linux:libx32ubsan0, p-cpe:/a:canonical:ubuntu_linux:libx32gomp1, p-cpe:/a:canonical:ubuntu_linux:libx32itm1

必要的 KB 項目: Host/cpu, Host/Debian/dpkg-l, Host/Ubuntu, Host/Ubuntu/release

可輕鬆利用: No known exploits are available

修補程式發佈日期: 2022/12/8

弱點發布日期: 2017/7/26

參考資訊

CVE: CVE-2017-11671

USN: 5770-1