NSFOCUS绿盟科技

首页 -> 安全研究

安全研究

安全漏洞

Linux O_DIRECT定向输入/输出信息泄露漏洞

发布日期：2003-02-05
更新日期：2003-02-10

受影响系统：

Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
Linux kernel 2.4.11
Linux kernel 2.4.10
    - SuSE Linux 7.3
Linux kernel 2.4.12
    - Conectiva Linux 7.0
Linux kernel 2.4.18
    - Mandrake Linux 8.2
    - Mandrake Linux 8.1
    - Mandrake Linux 8.0
    - RedHat Linux 8.0
    - RedHat Linux 7.3
    - RedHat Linux 7.2
    - RedHat Linux 7.1
Linux kernel 2.4.19
    - Conectiva Linux 8.0
    - Mandrake Linux 9.0

描述：

BUGTRAQ  ID: 6763
CVE(CAN) ID: CVE-2003-0018

Linux是开放内核源代码的操作系统。

某些Linux内核不正确处理O_DIRECT标记，任意拥有系统写权限的本地攻击者可以利用这个漏洞读取其他文件中受限信息。

Linux kernels 2.4.10及之后的版本在处理O_DIRECT标记上存在漏洞，可以使的任何对文件系统有写权限的用户读取部分文件信息(从以前删除过的文件中)，及产生较小的文件系统破坏(可以方便的通过fsck修复)。REDHAT LINUX使用ext3文件系统不支持O_DIRECT功能，因此不存在此问题，但是RedHat发行的2.4.18版本却存在这个漏洞。

<*来源：Red Hat Security Advisory

  链接：https://www.redhat.com/support/errata/RHSA-2003-025.html
        http://www.linux-mandrake.com/en/security/2003/MDKSA-2003-014.php
*>

建议：

厂商补丁：

MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告（MDKSA-2003:014）以及相应补丁:
MDKSA-2003:014：Updated kernel packages fix a number of bugs
链接：http://www.linux-mandrake.com/en/security/2003/MDKSA-2003-014.php

补丁下载：

Updated Packages:

Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-2.4.19.24mdk-1-1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-BOOT-2.4.19.24mdk-1-1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-doc-2.4.19-24mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-enterprise-2.4.19.24mdk-1-1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-secure-2.4.19.24mdk-1-1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-smp-2.4.19.24mdk-1-1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/kernel-source-2.4.19-24mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/kernel-2.4.19.24mdk-1-1mdk.src.rpm

上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载：
http://www.mandrakesecure.net/en/ftp.php

RedHat
------
RedHat已经为此发布了一个安全公告（RHSA-2003:025-20）以及相应补丁:
RHSA-2003:025-20：Updated 2.4 kernel fixes various vulnerabilities
链接：https://www.redhat.com/support/errata/RHSA-2003-025.html

补丁下载：

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm

athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm

i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm

athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm

i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm

athlon:
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm

i586:
ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm

i686:
ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.18-24.8.0.src.rpm

athlon:
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.18-24.8.0.athlon.rpm
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.18-24.8.0.athlon.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.18-24.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.18-24.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.18-24.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.18-24.8.0.i386.rpm

i586:
ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.18-24.8.0.i586.rpm
ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.18-24.8.0.i586.rpm

i686:
ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.18-24.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.18-24.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.18-24.8.0.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-debug-2.4.18-24.8.0.i686.rpm
可使用下列命令安装补丁：

rpm -Fvh [文件名]

浏览次数：3045
严重程度：0（网友投票）

本安全漏洞由绿盟科技翻译整理，版权所有，未经许可，不得转载
绿盟科技给您安全的保障

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客