Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFS41+ subsystem是其中的一个文件子系统。
Linux kernel中的NFS41+子系统的‘make bc_svc_process()’函数存在释放后重用漏洞。攻击者可利用该漏洞造成主机内核内存损坏及系统错误。
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://patchwork.kernel.org/cover/10733767/
https://patchwork.kernel.org/patch/10733769/
来源:UBUNTU
链接:https://usn.ubuntu.com/3980-2/
来源:UBUNTU
链接:https://usn.ubuntu.com/3981-1/
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
来源:UBUNTU
链接:https://usn.ubuntu.com/3932-2/
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:3309
来源:CONFIRM
链接:https://support.f5.com/csp/article/K21430012
来源:CONFIRM
链接:https://patchwork.kernel.org/cover/10733767/
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
来源:CONFIRM
链接:https://patchwork.kernel.org/patch/10733769/
来源:BID
链接:https://www.securityfocus.com/bid/106253
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:1891
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2020:0204
来源:MISC
链接:https://www.oracle.com/security-alerts/cpuApr2021.html
来源:UBUNTU
链接:https://usn.ubuntu.com/3932-1/
来源:UBUNTU
链接:https://usn.ubuntu.com/3980-1/
来源:CONFIRM
链接:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16884
来源:UBUNTU
链接:https://usn.ubuntu.com/3981-2/
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:3517
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:1873
来源:BID
链接:http://www.securityfocus.com/bid/106253
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:2696
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2019:2730
来源:usn.ubuntu.com
链接:https://usn.ubuntu.com/3979-1/
来源:www.suse.com
链接:https://www.suse.com/support/update/announcement/2019/suse-su-20190541-1.html
来源:lists.debian.org
链接:https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
来源:usn.ubuntu.com
链接:https://usn.ubuntu.com/3932-1/
来源:access.redhat.com
链接:https://access.redhat.com/errata/RHSA-2020:0204
来源:lists.debian.org
链接:https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/77958
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/152377/Ubuntu-Security-Notice-USN-3932-2.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/80918
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/75034
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/76474
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/158356/Red-Hat-Security-Advisory-2020-2854-01.html
来源:support.lenovo.com
链接:https://support.lenovo.com/us/en/product_security/LEN-29592
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.2322/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/78370
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/80234
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/152938/Ubuntu-Security-Notice-USN-3981-2.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.0262/
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/156058/Red-Hat-Security-Advisory-2020-0204-01.html
发布时间 Jan 28, 2019
发布时间 Dec 20, 2018
发布时间 Dec 4, 2018
发布时间 Nov 21, 2018
发布时间 Nov 21, 2018