偵測

Linux Distros 未修補的弱點:CVE-2022-48833

medium Nessus Plugin ID 225616

語言:

概要

Linux/Unix 主機上安裝的一個或多個套件存有弱點,供應商表示將不會修補。

說明

Linux/Unix 主機上安裝了一個或多個受到弱點影響的套件,且供應商未提供可用的修補程式。

 - btrfs略過在記錄清理失敗後對卸載提出的保留位元組警告在認可 c2e39305299f01 進行的最近變更之後 (btrfs 當我們無法寫入時清除範圍緩衝區 uptodate) 及其後續修正認可後 651740a5024117 (btrfs嘗試在讀取範圍緩衝區)時,我們現在可以在交易中止發生後,最終不清理記錄樹狀結構範圍緩衝區的空間保留,以及不清理靜止的已變更範圍緩衝區。會發生這種情況是因為如果記錄樹狀結構範圍緩衝區回寫失敗是因為我們已清除範圍緩衝區中的 EXTENT_BUFFER_UPTODATE 位元而且我們也已在其上設定 EXTENT_BUFFER_WRITE_ERR 位元。之後當嘗試使用 free_log_tree() 反覆使用樹狀結構來釋放記錄樹狀結構時我們最終可能會在嘗試讀取節點或分葉時遇到 -EIO 錯誤因為 read_extent_buffer_pages() 會在範圍緩衝區未設定 EXTENT_BUFFER_UPTODATE但已設定 EXTENT_BUFFER_WRITE_ERR 位元。取得 -EIO 表示我們會立即傳回因為我們無法逐一查看整個樹狀結構。在此情況下我們絕不會更新個別區塊群組與 space_info 物件中範圍緩衝區的保留空間。若發生此情況我們在卸載 fs 時會收到下列追踪[174957.284509] BTRFScleanup_transaction:1913 中的錯誤 (dm-0)errno=-5 IO 失敗 [174957.286497] ] BTRFS錯誤 (裝置 dm-0)在 free_log_tree:3420 中errno=-5 IO 失敗 [174957.399379] ------------[cut here ]------------ [174957.402497] 警告CPU 2 PID: 3206883@fs/btrfs/block-group.c:127 btrfs_put_block_group+0x77/0xb0 [btrfs] [174957.407523] 連結的模組btrfs overlay dm_zero (...) [174957.424917] CPU2 PID 3206883 Commumount 污染GW 5.16.0-rc5-btrfs-next-109 #1 [174957.426689] 硬體名稱QEMU Standard PC (i440FX + PIIX, 1996)BIOS rel-1.14.0-0-g155821a1990b-prebuilt .qemu.org 04/01/2014 [174957.428716] RIP
 0010:btrfs_put_block_group+0x77/0xb0 [btrfs] [174957.429717] 代碼21 48 8bd (...) [174957.432867] RSP
 0018:ffffb70d41cffdd0 EFLAGS00010206 [174957.433632] RAX0000000000000001 RBXffff8b09c3848000 RCX
 ffff8b0758edd1c8 [174957.434689] RDX 0000000000000001 RSIffffffffc0b467e7 RDI ffff8b0758edd000 [174957.436068] RBP ffff8b0758edd000 R080000000000000000 R090 [000000000174957.437114] 00000 R10[00000]
 0000000000000246 R110000000000000000 R12ffff8b09c3848148 [174957.438140] R13ffff8b09c3848198 R14
 ffff8b0758edd188 R15dead000000000100 [174957.439317] FS00007f328fb82800(0000) GS:ffff8b0a2d200000(0000) knlGS:000000000000000 [174957.440402] CS0010 000000CR:000000000000000000000000000000000000000000000000000000
 0000000080050033 [174957.441164] CR2: 00007fff13563e98 CR3: 0000000404f4e005 CR4: 0000000000370ee0 [174957.442117] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [174957.443076] DR3:
 0000000000000000 DR600000000fffe0ff0 DR7: 0000000000000400 [174957.443948] 呼叫追踪[174957.444264] <TASK> [174957.444538] btrfs_free_block_groups+0x255/0x3c0 [btrfs] [174957.445238] close_ctree+0x301/0x357? [btrfsfs] [174957.445803] call_rcu+0x16c/0x290 [174957.446250] generic_shutdown_super+0x74/0x120 [174957.446832] kill_anon_super+0x14/0x30 [174957.447305] btrfs_kill_super+0x12/0x20 [btrfs] [174957.447890] deactivate_locked_super+0x31/0xa0 [174957.448440] cleanup_mnt+ 0x147/0x1c0 [174957.448888] task_work_run+0x5c/0xa0 [174957.449336] exit_to_user_mode_prepare+0x1e5/0x1f0 [174957.449934] syscall_exit_to_user_mode+0x16/0x40 [174957.450512] ] do_syscall_64+174957.4516050x48 /0xc0 [174957.450980] entry_sysCALL_64_xae_ [wframe_SYSCALL_64_after_[hframe] ] RIP: 0033:0x7f328fdc4a97 [174957.452059] Code: 03 0c 00 f7 (...) [174957.454320] RSP: 002b:00007fff13564ec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [174957.455262] RAX: 0000000000000000 RBX: 00007f328feea264 RCX: 00007f328fdc4a97 [174957.456131] RDX
 0000000000000000 RSI 00000000000000 ---truncated--- (CVE-2022-48833)

請注意,Nessus 依賴供應商報告的套件存在。

解決方案

目前尚未有已知的解決方案。

另請參閱

https://security-tracker.debian.org/tracker/CVE-2022-48833

https://ubuntu.com/security/CVE-2022-48833

Plugin 詳細資訊

嚴重性: Medium

ID: 225616

檔案名稱: unpatched_CVE_2022_48833.nasl

版本: 1.3

類型: local

代理程式: unix

系列: Misc.

已發布: 2025/3/5

已更新: 2025/8/30

支援的感應器: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

風險資訊

VPR

風險因素: Low

分數: 3.6

CVSS v2

風險因素: Medium

基本分數: 5.4

時間性分數: 4

媒介: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:C

CVSS 評分資料來源: CVE-2022-48833

CVSS v3

風險因素: Medium

基本分數: 5.5

時間性分數: 4.8

媒介: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

時間媒介: CVSS:3.0/E:U/RL:O/RC:C

弱點資訊

CPE: cpe:/o:debian:debian_linux:11.0, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-ibm, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2, cpe:/o:canonical:ubuntu_linux:14.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-raspi, p-cpe:/a:canonical:ubuntu_linux:linux-oracle, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-raspi2, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14, p-cpe:/a:canonical:ubuntu_linux:linux-xilinx-zynqmp, p-cpe:/a:canonical:ubuntu_linux:linux-gcp, p-cpe:/a:canonical:ubuntu_linux:linux-azure, p-cpe:/a:debian:debian_linux:linux, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-bluefield, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13, p-cpe:/a:canonical:ubuntu_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-iot, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gke, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1, p-cpe:/a:canonical:ubuntu_linux:linux-riscv, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde, p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11

必要的 KB 項目: Host/OS/identifier, Host/cpu, Host/local_checks_enabled, global_settings/vendor_unpatched

可輕鬆利用: No known exploits are available

弱點發布日期: 2024/7/16

參考資訊

CVE: CVE-2022-48833