漏洞类别:Amazon Linux'
漏洞等级: 
漏洞信息
The skbs processed by ip_cmsg_recv() are not guaranteed to be linear (e.g. when sending UDP packets over loopback with MSGMORE). Using csum_partial() on potentially the whole skb len is dangerous; instead be on the safe side and use skb_checksum(). This may lead to an infoleak as the kernel memory may be checksummed and sent as part of the packet. (CVE-2017-6347 )
It was discovered that xfrm_replay_verify_len(), as called by xfrm_new_ae(), did not verify that the user-specified replay_window was within the replay state buffer. This allowed for out-of-bounds reads and writes of kernel memory.(CVE-2017-7184 )
漏洞危害
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
解决方案
Please refer to Amazon advisory ALAS-2017-811 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
ALAS-2017-811: Amazon Linux (kernel (4.4.51-40.60.amzn1) on noarch)
ALAS-2017-811: Amazon Linux (kernel (4.4.51-40.60.amzn1) on x86_64)
ALAS-2017-811: Amazon Linux (kernel (4.4.51-40.60.amzn1) on src)
ALAS-2017-811: Amazon Linux (kernel (4.4.51-40.60.amzn1) on i686)
0day
文章评论