ALT-BU-2016-2918-3

Branch sisyphus update bulletin.

Package lm_sensors3 updated to version 3.4.0-alt1 for branch sisyphus in task 168194.

obsolete lm_sensors

свежая версия lm_sensors с поддержкой IT8603E

Package xfce4-settings updated to version 4.12.0-alt2 for branch sisyphus in task 168248.

xfsettingsd: segfault libupower-glib.so.3.0.1

Package firefox-esr updated to version 45.3.0-alt1 for branch sisyphus in task 168271.

No data currently available.

Package runc updated to version 1.0.0-alt1.git04f275d for branch sisyphus in task 168298.

Уязвимость инструмента для запуска изолированных контейнеров runc, связанная с ошибками обработки файлового дескриптора, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.2)Vector: AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Severity: MEDIUM (6.8)Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

References:

CVE-2019-5736

Уязвимость компонента AppArmor инструмента для запуска изолированных контейнеров runc, связанная с недостатками механизма авторизации, позволяющая нарушителю монтировать вредоносный образ Docker в каталог /proc

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: HIGH (7.8)Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N

References:

CVE-2019-16884

Уязвимость конфигурации инструмента для запуска изолированных контейнеров runc, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (8.5)Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Severity: HIGH (8.5)Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

References:

CVE-2021-30465

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)

Severity: MEDIUM (4.4)Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Severity: HIGH (7.0)Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

Severity: CRITICAL (9.3)Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: HIGH (8.6)Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

References:

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

Severity: MEDIUM (6.0)Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Severity: HIGH (8.5)Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs

Severity: HIGH (7.6)Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

References:

Incorrect Authorization in runc

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

opencontainers runc contains procfs race condition with a shared volume mount

Severity: MEDIUM (5.9)Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U

References:

Package systemd-udev-console-fb updated to version 1.00-alt2 for branch sisyphus in task 168326.

Ошибка при загрузке ОС в 991-fb-systemd.rules

Package c-ares updated to version 1.11.0-alt1 for branch sisyphus in task 168301.

Уязвимость функции ares_parse_naptr_reply библиотеки асинхронных DNS-запросов c-ares, позволяющая нарушителю выполнить чтение за границами буфера в памяти

Severity: HIGH (7.5)Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

References:

CVE-2017-1000381

Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.

Severity: HIGH (7.5)Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: CRITICAL (9.8)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.

Severity: MEDIUM (5.0)Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: HIGH (7.5)Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References:

Version: 2.1.2

ALT-BU-2016-2918-3

Closed bugs

Closed bugs

Closed vulnerabilities

Closed vulnerabilities

Closed bugs

Closed vulnerabilities