Oracle Linux 9 : kernel (ELSA-2024-8617)

High Nessus Plugin ID 210013

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8617 advisory.

- redhat/configs: Add CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Fix BHI retpoline check (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Fix BHI handling of RRSBA (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Fix BHI documentation (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Fix return type of spectre_bhi_state() (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Make CONFIG_SPECTRE_BHI_ON the default (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- KVM: x86: Add BHI_NO (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bhi: Mitigate KVM by default (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bhi: Add BHI mitigation knob (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bhi: Enumerate Branch History Injection (BHI) bug (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bhi: Add support for clearing branch history at syscall entry (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- perf/x86/amd/lbr: Use freeze based on availability (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- Documentation/kernel-parameters: Add spec_rstack_overflow to mitigations=off (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
- scsi: core: Fix unremoved procfs host directory regression (Ewan D. Milne) [RHEL-39539 RHEL-39601 RHEL-33543 RHEL-35000] {CVE-2024-26935}
- tty: Fix out-of-bound vmalloc access in imageblit (Andrew Halaney) [RHEL-42095 RHEL-24205] {CVE-2021-47383}
- block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54769 RHEL-54768] {CVE-2024-43854}
- netfilter: nft_inner: validate mandatory meta and payload (Phil Sutter) [RHEL-47488 RHEL-47486] {CVE-2024-39504}
- netfilter: flowtable: initialise extack before use (CKI Backport Bot) [RHEL-58546 RHEL-58544] {CVE-2024-45018}
- ext4: do not create EA inode under buffer lock (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
- ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
- ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
- ext4: turn quotas off if mount failed after enabling quotas (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
- mptcp: fix data re-injection from stale subflow (Davide Caratti) [RHEL-59920 RHEL-32669] {CVE-2024-26826}
- xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50864 RHEL-50862] {CVE-2024-41014}
- af_unix: Fix garbage collector racing against connect() (Davide Caratti) [RHEL-42771 RHEL-33410] {CVE-2024-26923}
- xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50887 RHEL-50885] {CVE-2024-41013}
- ipv6: prevent possible NULL dereference in rt6_probe() (Hangbin Liu) [RHEL-48161 RHEL-45826] {CVE-2024-40960}
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (Steve Best) [RHEL-42795 RHEL-34969] {CVE-2024-26961}
- mptcp: ensure snd_una is properly initialized on connect (Florian Westphal) [RHEL-47945 RHEL-47943] {CVE-2024-40931}
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47560 RHEL-47558] {CVE-2024-40904}
- xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46481 RHEL-46479] {CVE-2024-39472}
- tcp: add sanity checks to rx zerocopy (Paolo Abeni) [RHEL-58403 RHEL-29496] {CVE-2024-26640}
- netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49373 RHEL-49371] {CVE-2024-41005}
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CKI Backport Bot) [RHEL-48321 RHEL-48319] {CVE-2024-40977}
- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Xin Long) [RHEL-48483 RHEL-44375] {CVE-2024-40995}
- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44377 RHEL-44375] {CVE-2024-36244}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. In particular, a version-only check cannot tell whether the patched kernel package has actually been booted or whether a given mitigation is active on the host.

Solution

Update the affected packages and reboot into the new kernel.
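Because the plugin only compares package versions, two things remain unverified after applying the update: whether the host is actually running the new kernel, and whether the BHI mitigation (CVE-2024-2201) that this errata ships is reported as active. The following script is an added example, not code from Tenable, Oracle or the kernel project, that checks both on an Oracle Linux 9 host running the Red Hat compatible kernel (kernel-core). It assumes the standard sysfs path for spectre_v2 status and the `;`-separated field layout that the "Change commas to semicolons in 'spectre_v2' sysfs file" commit above introduces; the version strings used in the comments are constructed for illustration and do not correspond to the fixed package version, which the page does not state.

```shell
#!/bin/sh
# Added example (not from the plugin or the advisory): verify on an
# Oracle Linux 9 host that the BHI mitigation from this errata is active
# and that the running kernel is the newest installed kernel-core.
# Sysfs path and field format follow upstream kernel conventions.

SPECTRE_V2_SYSFS=/sys/devices/system/cpu/vulnerabilities/spectre_v2

# bhi_state LINE
# Extract the "BHI: ..." field from one spectre_v2 sysfs line (fields are
# ';'-separated in kernels carrying the change shipped in this errata).
# Prints the field value. Returns 0 when a mitigation is reported, 1 when
# the field says "Vulnerable" or is absent (kernel without BHI reporting).
bhi_state() {
    field=$(printf '%s\n' "$1" | sed -n 's/.*BHI: \([^;]*\).*/\1/p')
    case "$field" in
        "")          printf 'no BHI field\n'; return 1 ;;
        Vulnerable*) printf '%s\n' "$field";  return 1 ;;
        *)           printf '%s\n' "$field";  return 0 ;;
    esac
}

# newest_installed LIST
# LIST is a newline-separated list of kernel version-release.arch strings
# as printed by rpm; prints the highest one (GNU sort -V, as on Oracle Linux).
newest_installed() {
    printf '%s\n' "$1" | sort -V | tail -n 1
}

# reboot_needed RUNNING LIST
# Returns 0 when the running kernel (uname -r) is not the newest installed
# kernel-core, i.e. the patched package is on disk but has not been booted.
# This is exactly the gap a version-only check cannot see.
reboot_needed() {
    [ "$1" != "$(newest_installed "$2")" ]
}

# Live checks, run only where the inputs exist so the script is harmless
# on hosts without sysfs vulnerability reporting or without rpm.
if [ -r "$SPECTRE_V2_SYSFS" ]; then
    if state=$(bhi_state "$(cat "$SPECTRE_V2_SYSFS")"); then
        echo "spectre_v2 BHI: $state (mitigated)"
    else
        echo "spectre_v2 BHI: $state (NOT mitigated)"
    fi
fi
if command -v rpm >/dev/null 2>&1; then
    installed=$(rpm -q kernel-core --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' 2>/dev/null || true)
    if [ -n "$installed" ] && reboot_needed "$(uname -r)" "$installed"; then
        echo "reboot needed: running $(uname -r), newest installed $(newest_installed "$installed")"
    fi
fi
```

Run it as root or any user (sysfs and the rpm database are world-readable). Hosts booted on the Unbreakable Enterprise Kernel install `kernel-uek` rather than `kernel-core`, so the package name in the `rpm -q` call must be changed there; the sysfs check is kernel-independent.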

See Also

https://linux.oracle.com/errata/ELSA-2024-8617.html

Plugin Details

Severity: High

ID: 210013

File Name: oraclelinux_ELSA-2024-8617.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2024/10/31

Updated: 2025/1/3

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26961

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-tools-libs-devel, p-cpe:/a:oracle:linux:rtla, p-cpe:/a:oracle:linux:kernel-devel, p-cpe:/a:oracle:linux:kernel-cross-headers, p-cpe:/a:oracle:linux:kernel-debug-modules, p-cpe:/a:oracle:linux:kernel-tools, p-cpe:/a:oracle:linux:rv, p-cpe:/a:oracle:linux:kernel-debug-devel, cpe:/a:oracle:linux:9::appstream, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:kernel-headers, p-cpe:/a:oracle:linux:kernel-debug-uki-virt, p-cpe:/a:oracle:linux:kernel-debug-modules-core, p-cpe:/a:oracle:linux:kernel-modules, p-cpe:/a:oracle:linux:kernel-debug-devel-matched, p-cpe:/a:oracle:linux:kernel-abi-stablelists, cpe:/a:oracle:linux:9::codeready_builder, p-cpe:/a:oracle:linux:kernel-devel-matched, p-cpe:/a:oracle:linux:kernel-debug, p-cpe:/a:oracle:linux:kernel-core, p-cpe:/a:oracle:linux:kernel-modules-core, p-cpe:/a:oracle:linux:kernel-uki-virt, p-cpe:/a:oracle:linux:libperf, p-cpe:/a:oracle:linux:kernel-debug-modules-extra, p-cpe:/a:oracle:linux:python3-perf, p-cpe:/a:oracle:linux:bpftool, p-cpe:/a:oracle:linux:kernel-debug-core, cpe:/o:oracle:linux:9:4:baseos_patch, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-modules-extra, cpe:/o:oracle:linux:9::baseos_latest, p-cpe:/a:oracle:linux:kernel-tools-libs, p-cpe:/a:oracle:linux:kernel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

Exploit Ease: No known exploits are available

Patch Publication Date: 2024/10/30

Vulnerability Publication Date: 2024/2/15

Reference Information

CVE: CVE-2021-47383, CVE-2024-2201, CVE-2024-26640, CVE-2024-26826, CVE-2024-26923, CVE-2024-26935, CVE-2024-26961, CVE-2024-36244, CVE-2024-39472, CVE-2024-39504, CVE-2024-40904, CVE-2024-40931, CVE-2024-40960, CVE-2024-40972, CVE-2024-40977, CVE-2024-40995, CVE-2024-40998, CVE-2024-41005, CVE-2024-41013, CVE-2024-41014, CVE-2024-43854, CVE-2024-45018

IAVA: 2024-A-0228-S