Linux Kernel 权限管理和访问控制漏洞

漏洞信息详情

Linux Kernel 权限管理和访问控制漏洞

• CNNVD编号：CNNVD-200505-416
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2005-0204
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2005-05-02
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2009-08-15
  
• 厂        商：
  
  linux
• 漏洞来源：
  Discovery of these…

Linux kernel 2.6.9之前的版本，在运行于AMD64和Intel EM64T体系架构下时，允许本地用户通过OUTS指令向需要权限的IO端口写入。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

RedHat Fedora Core1

RedHat kernel-2.4.22-1.2199.5.legacy.nptl.athlon.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-2.4.22-1 .2199.5.legacy.nptl.athlon.rpm

RedHat kernel-2.4.22-1.2199.5.legacy.nptl.i586.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-2.4.22-1 .2199.5.legacy.nptl.i586.rpm

RedHat kernel-2.4.22-1.2199.5.legacy.nptl.i686.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-2.4.22-1 .2199.5.legacy.nptl.i686.rpm

RedHat kernel-BOOT-2.4.22-1.2199.5.legacy.nptl.i386.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-BOOT-2.4 .22-1.2199.5.legacy.nptl.i386.rpmRedHat kernel-doc-2.4.22-1.2199.5.legacy.nptl.i386.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-doc-2.4. 22-1.2199.5.legacy.nptl.i386.rpm

RedHat kernel-smp-2.4.22-1.2199.5.legacy.nptl.athlon.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-smp-2.4. 22-1.2199.5.legacy.nptl.athlon.rpm

RedHat kernel-smp-2.4.22-1.2199.5.legacy.nptl.i586.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-smp-2.4. 22-1.2199.5.legacy.nptl.i586.rpm

RedHat kernel-smp-2.4.22-1.2199.5.legacy.nptl.i686.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-smp-2.4. 22-1.2199.5.legacy.nptl.i686.rpm

RedHat kernel-source-2.4.22-1.2199.5.legacy.nptl.i386.rpm

Fedora Core 1:

http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-source-2 .4.22-1.2199.5.legacy.nptl.i386.rpm

Linux kernel 2.6

Debian kernel-headers-2.6-amd64-generic_103sarge1_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-amd64 /kernel-headers-2.6-amd64-generic_103sarge1_amd64.deb

Debian kernel-headers-2.6-amd64-k8-smp_103sarge1_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-amd64 /kernel-headers-2.6-amd64-k8-smp_103sarge1_amd64.deb

Debian kernel-headers-2.6-amd64-k8_103sarge1_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-amd64 /kernel-headers-2.6-amd64-k8_103sarge1_amd64.deb

Debian kernel-headers-2.6-em64t-p4-smp_103sarge1_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-amd64 /kernel-headers-2.6-em64t-p4-smp_103sarge1_amd64.deb

Debian kernel-headers-2.6-em64t-p4_103sarge1_amd64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-amd64 /kernel-headers-2.6-em64t-p4_103sarge1_amd64.deb

Debian kernel-headers-2.6-generic_101sarge1_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-alpha /kernel-headers-2.6-generic_101sarge1_alpha.deb

Debian kernel-headers-2.6-itanium-smp_2.6.8-14sarge2_ia64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64 /kernel-headers-2.6-itanium-smp_2.6.8-14sarge2_ia64.deb

Debian kernel-headers-2.6-itanium_2.6.8-14sarge2_ia64.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64 /kernel-headers-2.6-itanium_2.6.8-14sarge2_ia64.deb

Debian kernel-headers-2.6-smp_101sarge1_alpha.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-alpha /kernel-headers-2.6-smp_101sarge1_alpha.deb

Debian kernel-headers-2.6-sparc32_101sarge1_sparc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-sparc /kernel-headers-2.6-sparc32_101sarge1_sparc.deb

Debian kernel-headers-2.6-sparc64-smp_101sarge1_sparc.deb

Debian GNU/Linux 3.1 alias sarge

http://security.debian.org/pool/updates/main/k/kernel-latest-2.6-sparc /kernel-headers-2.6-sparc64-smp_101sarge1_sparc.deb

Debian kernel-headers-2.6-sparc64_101sarge1_sparc.deb

Debian GNU/Linux 3.1 alia

来源: REDHAT

名称: RHSA-2005:092

链接:http://www.redhat.com/support/errata/RHSA-2005-092.html

来源: TRUSTIX

名称: 2006-0006

链接:http://www.trustix.org/errata/2006/0006

来源: BID

名称: 12598

链接:http://www.securityfocus.com/bid/12598

来源: REDHAT

名称: RHSA-2005:293

链接:http://www.redhat.com/support/errata/RHSA-2005-293.html

来源: SECUNIA

名称: 18784

链接:http://secunia.com/advisories/18784