Linux Distros 未修補的弱點:CVE-2021-47597
medium Nessus Plugin ID 230103
語言:
概要
Linux/Unix 主機上安裝的一個或多個套件存有弱點,供應商表示將不會修補。說明
Linux/Unix 主機上安裝了一個或多個受到弱點影響的套件,且供應商未提供可用的修補程式。- inet_diag修正 UDP 通訊端的核心資訊洩漏。KMSAN 報告可遭未授權使用者惡意利用的核心資訊洩漏 [1]。分析後發現 UDP 並未初始化 r->idiag_expires。其他 inet_sk_diag_fill() 使用者日後可能會犯相同錯誤因此請在 inet_sk_diag_fill() 中修正此問題。 [1] 錯誤KMSANinstrument_copy_to_user include/linux/instrumented.h:121 中的 kernel-infoleak [內嵌] 錯誤
KMSANcopyout lib/iov_iter.c:156 中的 kernel-infoleak [內嵌] 錯誤 KMSANkernel-infoleak in
_copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670 tool_copy_to_user include/linux/instrumented.h:121 [內嵌] copyout lib/iov_iter.c:156 [內嵌] _copy_to_iter+0x69d/0x25c0 lib/iov_iter.c:670 copy_to_iter 包含/linux/uio.h:155 [內嵌] simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519
__skb_datagram_iter+0x2cb/0x1280 net/core/datagram.c:425 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533 skb_copy_datagram_msg include/linux/skbuff.h:3657 [內嵌] netlink_recvmsg+0x660/0x1c60 net/netlink/ af_netlink.c:1974 sock_recvmsg_nosec net/socket.c:944 [內嵌] sock_recvmsg net/socket.c:962 [內嵌] sock_read_iter+0x5a9/0x630 net/socket.c:1035 call_read_iter include/linux/fs.h:2156 [ inline] new_sync_read fs/read_write.c:400 [內嵌] vfs_read+0x1631/0x1980 fs/read_write.c:481 ksys_read+0x28c/0x520 fs/read_write.c:619 __do_sys_read fs/read_write.c:629 [內嵌]
__se_sys_read fs/read_write.c:627 [內嵌] __x64_sys_read+0xdb/0x120 fs/read_write.c:627 do_syscall_x64 arch/x86/entry/common.c:51 [內嵌] do_syscall_64+0x54/0xd0 arch/x86/entry/common .c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit 的建立於 slab_post_alloc_hook mm/slab.h:524 [內嵌] slab_alloc_node mm/slub.c:3251 [內嵌] __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974 kmalloc_reserve net /core/skbuff.c:354 [內嵌] __alloc_skb+0x545/0xf90 net/core/skbuff.c:426 alloc_skb include/linux/skbuff.h:1126 [內嵌] netlink_dump+0x3d5/0x16a0 net/netlink/af_netlink.c 2245
__netlink_dump_start+0xd1c/0xee0 net/netlink/af_netlink.c:2370 netlink_dump_start include/linux/netlink.h:254 [內嵌] inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1343 sock_diag_rcv_msg+0x24a/0x6244 netlink7vsk_+0x 0x800 net/netlink/af_netlink.c:2491 sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:276 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [內嵌] netlink_unicast+0x1095/0x1360 net/netlink/af_netlink.c 1345 netlink_sendmsg+0x16f3/0x1870 net/netlink/af_netlink.c:1916 sock_sendmsg_nosec net/socket.c:704 [內嵌] sock_sendmsg net/socket.c:724 [內嵌] sock_write_iter+0x594/0x690 net/socket.c:1057 do_iter_readv_write +0xa7f/0xc70 do_iter_write+0x52c/0x1500 fs/read_write.c:851 vfs_writev fs/read_write.c:924 [內嵌] do_writev+0x63f/0xe30 fs/read_write.c:967 __do_sys_writev fs/read_write.c:1040 [內嵌] __se_sys_writev fs/read_write.c:1037 [內嵌] __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037 do_syscall_x64 arch/x86/entry/common.c:51 [內嵌] do_syscall_64+0x54 /0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae 未初始化位元組 68-71 (共 312 個) 大小為 312 的記憶體存取起始於 ffff88812ab54000 資料複製到使用者位址 0000000020001440 CPU11 PID6365 通訊syz- executor801 未受污染的 5.16.0-rc3-syzkaller #0 硬體名稱Google Google Compute Engine/Google Compute Engine、BIOS Google 01/01/2011 (CVE-2021-47597)
請注意,Nessus 依賴供應商報告的套件存在。
解決方案
目前尚未有已知的解決方案。另請參閱
Plugin 詳細資訊
嚴重性: Medium
ID: 230103
檔案名稱: unpatched_CVE_2021_47597.nasl
版本: 1.2
類型: local
代理程式: unix
系列: Misc.
已發布: 2025/3/5
已更新: 2025/8/7
支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
風險資訊
VPR
風險因素: Medium
分數: 4.4
CVSS v2
風險因素: Medium
基本分數: 4.9
時間性分數: 3.6
媒介: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS 評分資料來源: CVE-2021-47597
CVSS v3
風險因素: Medium
基本分數: 5.5
時間性分數: 4.8
媒介: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
時間媒介: CVSS:3.0/E:U/RL:O/RC:C
弱點資訊
CPE: p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-oracle, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-riscv, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:canonical:ubuntu_linux:linux-gcp, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-azure, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime, p-cpe:/a:redhat:enterprise_linux:kernel-rt, p-cpe:/a:canonical:ubuntu_linux:linux-gke, p-cpe:/a:canonical:ubuntu_linux:linux-hwe, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge, p-cpe:/a:canonical:ubuntu_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13, cpe:/o:centos:centos:8, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15, p-cpe:/a:centos:centos:kernel, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fips, p-cpe:/a:canonical:ubuntu_linux:linux-oem, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-aws-fips, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-fips, p-cpe:/a:canonical:ubuntu_linux:linux-raspi2, p-cpe:/a:canonical:ubuntu_linux:linux-fips, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8, cpe:/o:canonical:ubuntu_linux:14.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14, p-cpe:/a:centos:centos:kernel-rt, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2
必要的 KB 項目: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier
可輕鬆利用: No known exploits are available
弱點發布日期: 2022/1/26
參考資訊
CVE: CVE-2021-47597