首页 -> 安全研究
安全研究
安全漏洞
Linux Kernel IOPERM系统调用I/O端口访问漏洞
发布日期:2003-05-14
更新日期:2003-05-20
受影响系统:
Linux kernel 2.5.9描述:
Linux kernel 2.5.8
Linux kernel 2.5.7
Linux kernel 2.5.69
Linux kernel 2.5.68
Linux kernel 2.5.67
Linux kernel 2.5.66
Linux kernel 2.5.65
Linux kernel 2.5.64
Linux kernel 2.5.63
Linux kernel 2.5.62
Linux kernel 2.5.61
Linux kernel 2.5.60
Linux kernel 2.5.6
Linux kernel 2.5.59
Linux kernel 2.5.58
Linux kernel 2.5.57
Linux kernel 2.5.56
Linux kernel 2.5.55
Linux kernel 2.5.54
Linux kernel 2.5.53
Linux kernel 2.5.52
Linux kernel 2.5.51
Linux kernel 2.5.50
Linux kernel 2.5.5
Linux kernel 2.5.49
Linux kernel 2.5.48
Linux kernel 2.5.47
Linux kernel 2.5.46
Linux kernel 2.5.45
Linux kernel 2.5.44
Linux kernel 2.5.43
Linux kernel 2.5.42
Linux kernel 2.5.41
Linux kernel 2.5.40
Linux kernel 2.5.4
Linux kernel 2.5.39
Linux kernel 2.5.38
Linux kernel 2.5.37
Linux kernel 2.5.36
Linux kernel 2.5.35
Linux kernel 2.5.34
Linux kernel 2.5.33
Linux kernel 2.5.32
Linux kernel 2.5.31
Linux kernel 2.5.31
Linux kernel 2.5.30
Linux kernel 2.5.3
Linux kernel 2.5.29
Linux kernel 2.5.28
Linux kernel 2.5.27
Linux kernel 2.5.26
Linux kernel 2.5.25
Linux kernel 2.5.24
Linux kernel 2.5.23
Linux kernel 2.5.22
Linux kernel 2.5.21
Linux kernel 2.5.20
Linux kernel 2.5.2
Linux kernel 2.5.19
Linux kernel 2.5.18
Linux kernel 2.5.17
Linux kernel 2.5.16
Linux kernel 2.5.15
Linux kernel 2.5.14
Linux kernel 2.5.13
Linux kernel 2.5.12
Linux kernel 2.5.11
Linux kernel 2.5.10
Linux kernel 2.5.1
Linux kernel 2.5.0
Linux kernel 2.4.9
Linux kernel 2.4.8
Linux kernel 2.4.7
Linux kernel 2.4.6
Linux kernel 2.4.5
Linux kernel 2.4.4
Linux kernel 2.4.3
Linux kernel 2.4.20
Linux kernel 2.4.2
Linux kernel 2.4.19
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
Linux kernel 2.4.12
Linux kernel 2.4.11
Linux kernel 2.4.10
Linux kernel 2.4.1
Linux kernel 2.4
Linux kernel 2.4.18
- Debian Linux 3.0
- Mandrake Linux 9.0
- Mandrake Linux 8.2
- RedHat Linux 8.0
- RedHat Linux 7.3
- Slackware Linux 8.1
- Slackware Linux 8.0
BUGTRAQ ID: 7600
CVE(CAN) ID: CVE-2003-0246
Linux Kernel是开放源代码的Linux内核系统。
Linux的ioperm系统调用存在程序设计错误,本地攻击者可以利用这个漏洞读/写访问系统的I/O端口。
ioperm由于设计问题可允许非特权用户获得对系统I/O端口的读和写访问。当特权进程使用时,ioperm系统调用也会不正确地限制权限。
<*来源:Martin J. Bligh (mbligh@aracnet.com)
链接:http://marc.theaimsgroup.com/?l=linux-kernel&m=105271679705571&w=2
https://www.redhat.com/support/errata/RHSA-2003-172.html
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* Linux 2.5.69版本中未测试和非官方补丁如下:
diff -urN linux-2.5.64-bk5/arch/i386/kernel/ioport.c linux/arch/i386/kernel/ioport.c
--- linux-2.5.64-bk5/arch/i386/kernel/ioport.c2003-02-24 14:59:03.000000000 -0500
+++ linux/arch/i386/kernel/ioport.c2003-03-14 10:19:48.000000000 -0500
@@ -84,15 +84,17 @@
t->ts_io_bitmap = bitmap;
}
-tss = init_tss + get_cpu();
-if (bitmap)
-tss->bitmap = IO_BITMAP_OFFSET;/* Activate it in the TSS */
-
/*
* do it in the per-thread copy and in the TSS ...
*/
set_bitmap(t->ts_io_bitmap, from, num, !turn_on);
-set_bitmap(tss->io_bitmap, from, num, !turn_on);
+tss = init_tss + get_cpu();
+if (tss->bitmap == IO_BITMAP_OFFSET) { /* already active? */
+set_bitmap(tss->io_bitmap, from, num, !turn_on);
+} else {
+memcpy(tss->io_bitmap, t->ts_io_bitmap, IO_BITMAP_BYTES);
+tss->bitmap = IO_BITMAP_OFFSET;/* Activate it in the TSS */
+}
put_cpu();
out:
return ret;
厂商补丁:
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2003:172-00)以及相应补丁:
RHSA-2003:172-00:Updated 2.4 kernel fixes security vulnerabilities and various bugs
链接:https://www.redhat.com/support/errata/RHSA-2003-172.html
补丁下载:
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm
athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm
i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.20-13.7.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm
i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm
athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm
i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.20-13.7.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm
i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm
athlon:
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm
i586:
ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.20-13.7.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm
i686:
ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm
Red Hat Linux 8.0:
SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.20-13.8.src.rpm
ftp://updates.redhat.com/8.0/en/os/SRPMS/oprofile-0.4-44.8.1.src.rpm
athlon:
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.20-13.8.athlon.rpm
ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.20-13.8.athlon.rpm
i386:
ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.20-13.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.20-13.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.20-13.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.20-13.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/oprofile-0.4-44.8.1.i386.rpm
i586:
ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.20-13.8.i586.rpm
ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.20-13.8.i586.rpm
i686:
ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.20-13.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.20-13.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.20-13.8.i686.rpm
Red Hat Linux 9:
SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/kernel-2.4.20-13.9.src.rpm
athlon:
ftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-13.9.athlon.rpm
ftp://updates.redhat.com/9/en/os/athlon/kernel-smp-2.4.20-13.9.athlon.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-13.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-13.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-doc-2.4.20-13.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/kernel-BOOT-2.4.20-13.9.i386.rpm
i586:
ftp://updates.redhat.com/9/en/os/i586/kernel-2.4.20-13.9.i586.rpm
ftp://updates.redhat.com/9/en/os/i586/kernel-smp-2.4.20-13.9.i586.rpm
i686:
ftp://updates.redhat.com/9/en/os/i686/kernel-2.4.20-13.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-smp-2.4.20-13.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-13.9.i686.rpm
可使用下列命令安装补丁:
rpm -Fvh [文件名]
浏览次数:3150
严重程度:0(网友投票)
绿盟科技给您安全的保障