Vulnerability BDU:2022-03028: Information

Description

Уязвимость функции llcp_sock_connect() операционной системы Linux, позволяющая нарушителю повысить свои привилегии

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://bdu.fstec.ru/vul/2022-03028
Published: April 15, 2021
Modified: April 15, 2021
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-mpsisyphus5.11.16-alt16.8.12-alt1ALT-PU-2021-1698-1270482Fixed
kernel-image-mpp105.11.16-alt16.1.19-alt1ALT-PU-2021-1698-1270482Fixed
kernel-image-mpp95.11.16-alt15.12.16-alt1ALT-PU-2021-1869-1271829Fixed
kernel-image-mpp115.11.16-alt16.8.8-alt1ALT-PU-2021-1698-1270482Fixed
kernel-image-rpi-defsisyphus5.10.36-alt15.15.92-alt2ALT-PU-2021-1862-1272154Fixed
kernel-image-rpi-defp105.10.36-alt15.15.92-alt2ALT-PU-2021-1862-1272154Fixed
kernel-image-rpi-defp95.10.36-alt15.10.81-alt1ALT-PU-2021-1866-1272593Fixed
kernel-image-rpi-defp115.10.36-alt15.15.92-alt2ALT-PU-2021-1862-1272154Fixed
kernel-image-rpi-unsisyphus5.10.35-alt16.6.23-alt1ALT-PU-2021-1776-1271376Fixed
kernel-image-rpi-unp105.10.35-alt16.1.77-alt1ALT-PU-2021-1776-1271376Fixed
kernel-image-rpi-unp95.12.6-alt15.12.17-alt1ALT-PU-2021-1896-1273084Fixed
kernel-image-rpi-unp115.10.35-alt16.6.23-alt1ALT-PU-2021-1776-1271376Fixed
kernel-image-rtsisyphus4.19.189-alt1.rt786.1.92-alt1.rt32ALT-PU-2021-1768-1271271Fixed
kernel-image-rtp104.19.189-alt1.rt785.10.218-alt1.rt110ALT-PU-2021-1768-1271271Fixed
kernel-image-rtp94.19.189-alt1.rt784.19.189-alt1.rt78ALT-PU-2021-3430-1287828Fixed
kernel-image-rtc9f24.19.199-alt1.rt864.19.199-alt2.rt86ALT-PU-2021-2671-1283461Fixed
kernel-image-rtp114.19.189-alt1.rt786.1.90-alt2.rt30ALT-PU-2021-1768-1271271Fixed
kernel-image-std-debugsisyphus5.10.54-alt16.1.92-alt1ALT-PU-2021-2370-1281272Fixed
kernel-image-std-debugp115.10.54-alt16.1.91-alt1ALT-PU-2021-2370-1281272Fixed
kernel-image-std-defsisyphus5.10.32-alt16.1.92-alt1ALT-PU-2021-1706-1270544Fixed
kernel-image-std-defp105.10.32-alt15.10.218-alt1ALT-PU-2021-1706-1270544Fixed
kernel-image-std-defp95.4.115-alt15.4.277-alt1ALT-PU-2021-1763-1270900Fixed
kernel-image-std-defp84.9.267-alt0.M80P.14.9.337-alt0.M80P.1ALT-PU-2021-1681-1270079Fixed
kernel-image-std-defc9f25.10.32-alt0.c9f5.10.214-alt0.c9f.2ALT-PU-2021-1739-1270353Fixed
kernel-image-std-defc74.4.277-alt0.M70C.14.4.277-alt0.M70C.1ALT-PU-2021-3033-1281293Fixed
kernel-image-std-defp115.10.32-alt16.1.91-alt1ALT-PU-2021-1706-1270544Fixed
kernel-image-std-kvmsisyphus5.10.32-alt15.10.176-alt1ALT-PU-2021-1711-1270643Fixed
kernel-image-std-kvmp105.10.32-alt15.10.42-alt1ALT-PU-2021-1711-1270643Fixed
kernel-image-std-kvmp115.10.32-alt15.10.176-alt1ALT-PU-2021-1711-1270643Fixed
kernel-image-un-defsisyphus5.11.15-alt16.6.32-alt1ALT-PU-2021-1666-1270074Fixed
kernel-image-un-defsisyphus_riscv645.19.16-alt2.rv646.6.32-alt1.0.portALT-PU-2022-6777-1-Fixed
kernel-image-un-defp105.11.15-alt16.1.90-alt1ALT-PU-2021-1666-1270074Fixed
kernel-image-un-defp95.10.32-alt15.10.218-alt1ALT-PU-2021-1720-1270546Fixed
kernel-image-un-defp84.19.188-alt0.M80P.14.19.310-alt0.M80P.1ALT-PU-2021-1680-1270075Fixed
kernel-image-un-defc10f15.11.15-alt16.1.85-alt0.c10f.1ALT-PU-2021-1666-1270074Fixed
kernel-image-un-defc74.9.277-alt0.M70C.14.9.277-alt0.M70C.1ALT-PU-2021-3032-1281292Fixed
kernel-image-un-defp115.11.15-alt16.6.31-alt1ALT-PU-2021-1666-1270074Fixed

References to Advisories, Solutions, and Tools

Vulnerability Status
Подтверждена производителем
Presence of an exploit
Данные уточняются
Fix status
Уязвимость устранена
Software Type
Операционная система
Solution
Использование рекомендаций:

http://www.openwall.com/lists/oss-security/2020/11/01/1

https://www.openwall.com/lists/oss-security/2020/11/01/1


Для программных продуктов Novell Inc.:

https://www.suse.com/security/cve/CVE-2020-25671



Для Ubuntu:

https://ubuntu.com/security/CVE-2020-25671



Для Fedora:

https://lists.fedoraproject.org/archives/search?mlist=package-announce%40lists.fedoraproject.org&q=CVE-2020-25671



Для Debian GNU/Linux:

https://security-tracker.debian.org/tracker/CVE-2020-25671

Для ОС Аврора 3.2.1:
https://cve.omprussia.ru/bb10321 

Для ОС Аврора 3.2.2: 
https://cve.omprussia.ru/bb11322

Для ОС Аврора 3.2.3:
https://cve.omprussia.ru/bb12323

Для ОСОН Основа:
Обновление программного обеспечения linux до версии 5.14.9-2.osnova179.1
Sources
http://www.openwall.com/lists/oss-security/2020/11/01/1
https://cve.omprussia.ru/bb10321
https://cve.omprussia.ru/bb11322
https://cve.omprussia.ru/bb12323
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/
https://security.netapp.com/advisory/ntap-20210702-0008/
https://www.openwall.com/lists/oss-security/2020/11/01/1
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.4/
Other system identifiers
CVE-2020-25671
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top