Vulnerability BDU:2021-04260: Information

Подтверждена производителем
Существует
Уязвимость устранена
Операционная система
Использование рекомендаций:
Для Linux:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21	
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d	
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.231
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.267
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.267
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.31
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.15
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.113

Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2021-22555

Для Debian:
Использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2021-22555

Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16

Для ОС Аврора 3.2.1: 
https://cve.omprussia.ru/bb10321 

Для ОС Аврора 3.2.2:
https://cve.omprussia.ru/bb11322

Для ОС Аврора 3.2.3: 
https://cve.omprussia.ru/bb12323

Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html
http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html
http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html
http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://access.redhat.com/security/cve/CVE-2021-22555
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22555
https://cve.omprussia.ru/bb10321
https://cve.omprussia.ru/bb11322
https://cve.omprussia.ru/bb12323
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.231
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.267
https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.267
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.31
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.15
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.113
https://nvd.nist.gov/vuln/detail/CVE-2021-22555
https://security.netapp.com/advisory/ntap-20210805-0010/
https://ubuntu.com/security/notices/USN-5039-1
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16
https://www.cve.org/CVERecord?id=CVE-2021-22555
https://www.opennet.ru/opennews/art.shtml?num=55488

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	5.12.4-alt1	6.8.12-alt1	ALT-PU-2021-1833-1	272140	Fixed
kernel-image-mp	p10	5.12.4-alt1	6.1.19-alt1	ALT-PU-2021-1833-1	272140	Fixed
kernel-image-mp	p9	5.12.16-alt1	5.12.16-alt1	ALT-PU-2021-3481-1	279859	Fixed
kernel-image-mp	p11	5.12.4-alt1	6.8.8-alt1	ALT-PU-2021-1833-1	272140	Fixed
kernel-image-rpi-def	sisyphus	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-def	p10	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-def	p9	5.10.36-alt1	5.10.81-alt1	ALT-PU-2021-1866-1	272593	Fixed
kernel-image-rpi-def	p11	5.10.36-alt1	5.15.92-alt2	ALT-PU-2021-1862-1	272154	Fixed
kernel-image-rpi-un	sisyphus	5.10.35-alt1	6.6.23-alt1	ALT-PU-2021-1776-1	271376	Fixed
kernel-image-rpi-un	p10	5.10.35-alt1	6.1.77-alt1	ALT-PU-2021-1776-1	271376	Fixed
kernel-image-rpi-un	p9	5.12.6-alt1	5.12.17-alt1	ALT-PU-2021-1896-1	273084	Fixed
kernel-image-rpi-un	p11	5.10.35-alt1	6.6.23-alt1	ALT-PU-2021-1776-1	271376	Fixed
kernel-image-rt	sisyphus	4.19.189-alt1.rt78	6.1.92-alt1.rt32	ALT-PU-2021-1768-1	271271	Fixed
kernel-image-rt	p10	4.19.189-alt1.rt78	5.10.218-alt1.rt110	ALT-PU-2021-1768-1	271271	Fixed
kernel-image-rt	p9	4.19.189-alt1.rt78	4.19.189-alt1.rt78	ALT-PU-2021-3430-1	287828	Fixed
kernel-image-rt	c9f2	4.19.199-alt1.rt86	4.19.199-alt2.rt86	ALT-PU-2021-2671-1	283461	Fixed
kernel-image-rt	p11	4.19.189-alt1.rt78	6.1.90-alt2.rt30	ALT-PU-2021-1768-1	271271	Fixed
kernel-image-std-def	sisyphus	5.10.32-alt1	6.1.92-alt1	ALT-PU-2021-1706-1	270544	Fixed
kernel-image-std-def	p10	5.10.32-alt1	5.10.218-alt1	ALT-PU-2021-1706-1	270544	Fixed
kernel-image-std-def	p9	5.4.115-alt1	5.4.277-alt1	ALT-PU-2021-1763-1	270900	Fixed
kernel-image-std-def	p8	4.9.267-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2021-1681-1	270079	Fixed
kernel-image-std-def	c9f2	5.10.32-alt0.c9f	5.10.214-alt0.c9f.2	ALT-PU-2021-1739-1	270353	Fixed
kernel-image-std-def	c7	4.4.277-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2021-3033-1	281293	Fixed
kernel-image-std-def	p11	5.10.32-alt1	6.1.91-alt1	ALT-PU-2021-1706-1	270544	Fixed
kernel-image-std-kvm	sisyphus	5.10.32-alt1	5.10.176-alt1	ALT-PU-2021-1711-1	270643	Fixed
kernel-image-std-kvm	p10	5.10.32-alt1	5.10.42-alt1	ALT-PU-2021-1711-1	270643	Fixed
kernel-image-std-kvm	p11	5.10.32-alt1	5.10.176-alt1	ALT-PU-2021-1711-1	270643	Fixed
kernel-image-un-def	sisyphus	5.12.0-alt1	6.6.32-alt1	ALT-PU-2021-1983-1	271593	Fixed
kernel-image-un-def	p10	5.12.0-alt1	6.1.90-alt1	ALT-PU-2021-1983-1	271593	Fixed
kernel-image-un-def	p9	5.10.32-alt1	5.10.218-alt1	ALT-PU-2021-1720-1	270546	Fixed
kernel-image-un-def	p8	4.19.188-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2021-1680-1	270075	Fixed
kernel-image-un-def	c10f1	5.12.0-alt1	6.1.85-alt0.c10f.1	ALT-PU-2021-1983-1	271593	Fixed
kernel-image-un-def	c7	4.9.277-alt0.M70C.1	4.9.277-alt0.M70C.1	ALT-PU-2021-3032-1	281292	Fixed
kernel-image-un-def	p11	5.12.0-alt1	6.6.31-alt1	ALT-PU-2021-1983-1	271593	Fixed

Vulnerability BDU:2021-04260: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Vulnerability Status	Подтверждена производителем
Presence of an exploit	Существует
Fix status	Уязвимость устранена
Software Type	Операционная система
Solution	Использование рекомендаций: Для Linux: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.231 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.267 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.267 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.31 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.15 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.113 Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/CVE-2021-22555 Для Debian: Использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2021-22555 Для ОС Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16 Для ОС Аврора 3.2.1: https://cve.omprussia.ru/bb10321 Для ОС Аврора 3.2.2: https://cve.omprussia.ru/bb11322 Для ОС Аврора 3.2.3: https://cve.omprussia.ru/bb12323 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Sources	http://packetstormsecurity.com/files/163528/Linux-Kernel-Netfilter-Heap-Out-Of-Bounds-Write.html http://packetstormsecurity.com/files/163878/Kernel-Live-Patch-Security-Notice-LSN-0080-1.html http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html http://packetstormsecurity.com/files/164437/Netfilter-x_tables-Heap-Out-Of-Bounds-Write-Privilege-Escalation.html http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ https://access.redhat.com/security/cve/CVE-2021-22555 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22555 https://cve.omprussia.ru/bb10321 https://cve.omprussia.ru/bb11322 https://cve.omprussia.ru/bb12323 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.231 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.188 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.267 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.267 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.31 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.15 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.113 https://nvd.nist.gov/vuln/detail/CVE-2021-22555 https://security.netapp.com/advisory/ntap-20210805-0010/ https://ubuntu.com/security/notices/USN-5039-1 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16 https://www.cve.org/CVERecord?id=CVE-2021-22555 https://www.opennet.ru/opennews/art.shtml?num=55488
Other system identifiers	CVE-2021-22555