{"id":25608,"date":"2017-09-25T11:45:52","date_gmt":"2017-09-25T03:45:52","guid":{"rendered":"https:\/\/www.deepin.org\/?p=25608"},"modified":"2018-11-12T14:12:22","modified_gmt":"2018-11-12T06:12:22","slug":"deepin-security-updates-cve-2017-12134-cve-2017-12153-cve-2017-12154-cve-2017-1000252","status":"publish","type":"post","link":"https:\/\/www.deepin.org.cn\/zh\/deepin-security-updates-cve-2017-12134-cve-2017-12153-cve-2017-12154-cve-2017-1000252\/","title":{"rendered":"\u6df1\u5ea6\u5b89\u5168\u66f4\u65b0\uff08CVE-2017-12134 &CVE-2017-12153 &CVE-2017-12154 \u2026&CVE-2017-1000252\uff09"},"content":{"rendered":"\"zh\"<\/p>\n

\u6b64\u6b21\u5b89\u5168\u6f0f\u6d1e\u66f4\u65b0\u4e3b\u8981\u4e3alinux\u5185\u6838\u7684\u66f4\u65b0\u3002<\/p>\n

\u6f0f\u6d1e\u6982\u8ff0<\/h1>\n

CVE-2017-12134<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

Xen\u76ee\u5f55\u4e0b\u7684drivers \/ xen \/ biomerge.c\u4e2d\u7684xen_biovec_phys_mergeable\u51fd\u6570\u53ef\u80fd\u5141\u8bb8\u672c\u5730\u64cd\u4f5c\u7cfb\u7edf\u8bbf\u5ba2\u7528\u6237\u7834\u574f\u8bbe\u5907\u6570\u636e\u6d41\uff0c\u4ece\u800c\u83b7\u53d6\u654f\u611f\u5185\u5b58\u4fe1\u606f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u901a\u8fc7\u8ba1\u7b97\u5229\u7528\u9519\u8bef\u7684IO\u5408\u5e76\u83b7\u53d6\u4e3b\u673a\u64cd\u4f5c\u7cfb\u7edf\u6743\u9650<\/p>\n

 <\/p>\n

CVE-2017-12153<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728Linux\u5185\u68384.13.3\u76ee\u5f55\u4e0bnet \/ wireless \/ nl80211.c\uff0c\u5728nl80211_set_rekey_data\uff08\uff09\u51fd\u6570\u4e2d\u53d1\u73b0\u4e86\u5b89\u5168\u6f0f\u6d1e\u3002 \u6b64\u529f\u80fd\u4e0d\u4f1a\u68c0\u67e5Netlink\u8bf7\u6c42\u4e2d\u662f\u5426\u5b58\u5728\u5fc5\u9700\u7684\u5c5e\u6027\u3002 \u8be5\u8bf7\u6c42\u53ef\u4ee5\u7531\u5177\u6709CAP_NET_ADMIN\u529f\u80fd\u7684\u7528\u6237\u53d1\u51fa\uff0c\u5e76\u4e14\u53ef\u80fd\u5bfc\u81f4NULL\u6307\u9488\u89e3\u5f15\u7528\u548c\u7cfb\u7edf\u5d29\u6e83\u3002<\/p>\n

 <\/p>\n

CVE-2017-12154<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u8be5\u66f4\u65b0\u5df2\u7ecf\u7531\u7ec4\u7ec7\u6216\u4e2a\u4eba\u4fdd\u7559\uff0c\u5c06\u5728\u5ba3\u5e03\u65b0\u7684\u5b89\u5168\u95ee\u9898\u65f6\u4f7f\u7528\u8be5\u66f4\u65b0\u3002\u66f4\u65b0\u5ba3\u4f20\u540e\uff0c\u5c06\u63d0\u4f9b\u6b64\u66f4\u65b0\u7684\u8be6\u7ec6\u8d44\u6599\u3002<\/p>\n

 <\/p>\n

CVE-2017-14051\u00a0<\/a>\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728Linux\u5185\u68384.12.10\u4e2d\u7684drivers \/ scsi \/ qla2xxx \/ qla_attr.c\u4e2d\u7684qla2x00_sysfs_write_optrom_ctl\u51fd\u6570\u4e2d\u7684\u6574\u6570\u6ea2\u51fa\u5141\u8bb8\u672c\u5730\u7528\u6237\u901a\u8fc7\u5229\u7528root\u8bbf\u95ee\u6765\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u5185\u5b58\u635f\u574f\u548c\u7cfb\u7edf\u5d29\u6e83\uff09\u3002<\/p>\n

 <\/p>\n

CVE-2017-14140<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

4.12.9\u7248\u672c\u4e4b\u524d\uff0c\u5728Linux\u5185\u6838\u4e2d\u7684move_pages\u7cfb\u7edf\u8c03\u7528mm \/ migrate.c\u5e76\u4e0d\u68c0\u67e5\u76ee\u6807\u8fdb\u7a0b\u7684\u6709\u6548uid\uff0c\u4f7f\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5b66\u4e60\u5c3d\u53ef\u80fd\u4f7f\u7528ASLR\u7684setuid\u53ef\u6267\u884c\u6587\u4ef6\u7684\u5185\u5b58\u5e03\u5c40\u3002<\/p>\n

 <\/p>\n

CVE-2017-14156<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

Linux\u5185\u6838\u4e2d\u7684\u9a71\u52a8\u7a0b\u5e8f\/ video \/ fbdev \/ aty \/ atyfb_base.c\u4e2d\u7684atyfb_ioctl\u51fd\u6570\u4e0d\u4f1a\u521d\u59cb\u5316\u67d0\u4e2a\u6570\u636e\u7ed3\u6784\uff0c\u4ece\u800c\u5141\u8bb8\u672c\u5730\u7528\u6237\u901a\u8fc7\u8bfb\u53d6\u4e0e\u586b\u5145\u5b57\u8282\u5173\u8054\u7684\u4f4d\u7f6e\u4ece\u5185\u6838\u5806\u6808\u5185\u5b58\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002<\/p>\n

 <\/p>\n

CVE-2017-14340<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u57284.13.2\u4e4b\u524d\u7684Linux\u5185\u6838\u7684fs \/ xfs \/ xfs_linux.h\u4e2d\u7684XFS_IS_REALTIME_INODE\u5b8f\u4e0d\u9a8c\u8bc1\u6587\u4ef6\u7cfb\u7edf\u662f\u5426\u5177\u6709\u5b9e\u65f6\u8bbe\u5907\uff0c\u8fd9\u5141\u8bb8\u672c\u5730\u7528\u6237\u901a\u8fc7\u5411\u91cf\u76f8\u5173\u7684\u65b9\u5f0f\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08NULL\u6307\u9488\u89e3\u5f15\u7528\u548cOOPS\uff09 \u5728\u76ee\u5f55\u4e0a\u8bbe\u7f6eRHINHERIT\u6807\u5fd7\u3002<\/p>\n

 <\/p>\n

CVE-2017-14489<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

4.12.9\u7248\u672c\u4e4b\u524d\uff0c\u5728Linux\u5185\u6838\u4e2d\u7684move_pages\u7cfb\u7edf\u8c03\u7528mm \/ migrate.c\u5e76\u4e0d\u68c0\u67e5\u76ee\u6807\u8fdb\u7a0b\u7684\u6709\u6548uid\uff0c\u4f7f\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5b66\u4e60\u5c3d\u53ef\u80fd\u4f7f\u7528ASLR\u7684setuid\u53ef\u6267\u884c\u6587\u4ef6\u7684\u5185\u5b58\u5e03\u5c40\u3002<\/p>\n

 <\/p>\n

CVE-2017-14497<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728Linux\u5185\u68384.13\u8def\u5f84\u4e0b\u7684net \/ packet \/ af_packet.c\u4e2d\u7684tpacket_rcv\u51fd\u6570\u5728\u4e4b\u524d\u5904\u7406vnet\u6807\u5934\uff0c\u8fd9\u53ef\u80fd\u4f1a\u5bfc\u81f4\u672c\u5730\u7528\u6237\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u78c1\u76d8\u548c\u5185\u5b58\u635f\u574f\uff09\u6216\u53ef\u80fd\u672a\u7ecf\u6307\u5b9a\u7684\u5176\u4ed6\u5f71\u54cd\u6216\u7cfb\u7edf\u8c03\u7528\u3002<\/p>\n

 <\/p>\n

CVE-2017-1000251<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

Linux\u5185\u6838\uff08BlueZ\uff09\u4e2d\u7684\u672c\u673a\u84dd\u7259\u5806\u6808\uff08\u4eceLinux\u5185\u6838\u7248\u672c3.3-rc1\u5f00\u59cb\u5e76\u4e14\u5305\u62ec4.13.1\uff09\u5728\u5904\u7406L2CAP\u914d\u7f6e\u54cd\u5e94\u65f6\u5bb9\u6613\u53d7\u5230\u5806\u6808\u6ea2\u51fa\u6f0f\u6d1e\u7684\u5f71\u54cd\uff0c\u5bfc\u81f4\u5728\u5185\u6838\u7a7a\u95f4\u4e2d\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002<\/p>\n

 <\/p>\n

CVE-2017-1000252<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u8be5\u66f4\u65b0\u5df2\u7ecf\u7531\u7ec4\u7ec7\u6216\u4e2a\u4eba\u4fdd\u7559\uff0c\u5c06\u5728\u5ba3\u5e03\u65b0\u7684\u5b89\u5168\u95ee\u9898\u65f6\u4f7f\u7528\u8be5\u66f4\u65b0\u3002\u66f4\u65b0\u5ba3\u4f20\u540e\uff0c\u5c06\u63d0\u4f9b\u6b64\u66f4\u65b0\u7684\u8be6\u7ec6\u8d44\u6599\u3002<\/p>\n

 <\/p>\n

\u4fee\u590d\u60c5\u51b5<\/span><\/p>\n

linux\u5185\u6838\u76f8\u5173\u7684\u5b89\u5168\u6f0f\u6d1e\u5df2\u7ecf\u5728\u6df1\u5ea6\u64cd\u4f5c\u7cfb\u7edfv15.4.1\u7684\u66f4\u65b0\u63a8\u9001\u4e2d\u4fee\u590d\u3002<\/p>\n

\u8bf7\u5404\u4f4d\u5c3d\u5feb\u66f4\u65b0\u7cfb\u7edf\u4ee5\u83b7\u53d6\u6f0f\u6d1e\u4fee\u590d\u8865\u4e01\u3002<\/p>\n

\"zh_s\"","protected":false},"excerpt":{"rendered":"

\u6b64\u6b21\u5b89\u5168\u6f0f\u6d1e\u66f4\u65b0\u4e3b\u8981\u4e3alinux\u5185\u6838\u7684\u66f4\u65b0\u3002 \u6f0f\u6d1e\u6982\u8ff0 CVE-2017-12134 \u2014 \u5b89\u5168\u66f4\u65b0 \u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a Xen\u76ee\u5f55\u4e0b\u7684drivers \/ xen \/ biomerge.c\u4e2d\u7684xen_biovec_phys_mergeable\u51fd\u6570\u53ef\u80fd\u5141\u8bb8\u672c\u5730\u64cd\u4f5c\u7cfb\u7edf\u8bbf\u5ba2\u7528\u6237\u7834\u574f\u8bbe\u5907\u6570\u636e\u6d41\uff0c\u4ece\u800c\u83b7\u53d6\u654f\u611f\u5185\u5b58\u4fe1\u606f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u901a\u8fc7\u8ba1\u7b97\u5229\u7528\u9519\u8bef\u7684IO\u5408\u5e76\u83b7\u53d6\u4e3b\u673a\u64cd\u4f5c\u7cfb\u7edf\u6743\u9650   CVE-20 ...\u9605\u8bfb\u66f4\u591a<\/a><\/p>\n","protected":false},"author":141,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[75,93],"tags":[],"_links":{"self":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/25608"}],"collection":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/users\/141"}],"replies":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/comments?post=25608"}],"version-history":[{"count":19,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/25608\/revisions"}],"predecessor-version":[{"id":28531,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/posts\/25608\/revisions\/28531"}],"wp:attachment":[{"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/media?parent=25608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/categories?post=25608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/zh\/wp-json\/wp\/v2\/tags?post=25608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}