1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
#use wml::debian::translation-check translation="e957448a747ba76734e0d9fce475660191141e95" mindelta="-1"
# 주의: 불완전한 번역. 번역을 마친 다음 위의 'mindelta="-1"'을 지우십시오.
<define-tag description>보안 업데이트</define-tag>
<define-tag moreinfo>
<p>여러 취약점이 리눅스 커널에서 발견되어 권한 상승, 서비스 거부 또는 정보 유출을 일으킬 수 있습니다.
</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-5715">CVE-2017-5715</a>
<p>Multiple researchers have discovered a vulnerability in various
processors supporting speculative execution, enabling an attacker
controlling an unprivileged process to read memory from arbitrary
addresses, including from the kernel and all other processes running on
the system.</p>
<p>This specific attack has been named Spectre variant 2 (branch target
injection) and is mitigated in the Linux kernel for the Intel x86-64
architecture by using the <q>retpoline</q> compiler feature which allows
indirect branches to be isolated from speculative execution.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-5754">CVE-2017-5754</a>
<p>Multiple researchers have discovered a vulnerability in Intel
processors, enabling an attacker controlling an unprivileged process to
read memory from arbitrary addresses, including from the kernel and all
other processes running on the system.</p>
<p>This specific attack has been named Meltdown and is addressed in the
Linux kernel on the powerpc/ppc64el architectures by flushing the L1
data cache on exit from kernel mode to user mode (or from hypervisor to
kernel).</p>
<p>This works on Power7, Power8 and Power9 processors.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-13166">CVE-2017-13166</a>
<p>A bug in the 32-bit compatibility layer of the v4l2 IOCTL handling code
has been found. Memory protections ensuring user-provided buffers always
point to userland memory were disabled, allowing destination address to
be in kernel space. This bug could be exploited by an attacker to
overwrite kernel memory from an unprivileged userland process, leading
to privilege escalation.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2018-5750">CVE-2018-5750</a>
<p>An information leak has been found in the Linux kernel. The
acpi_smbus_hc_add() prints a kernel address in the kernel log at every
boot, which could be used by an attacker on the system to defeat kernel
ASLR.</p></li>
</ul>
<p>Additionnaly to those vulnerability, some mitigations for <a href="https://security-tracker.debian.org/tracker/CVE-2017-5753">CVE-2017-5753</a> are
included in this release.</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2017-5753">CVE-2017-5753</a>
<p>Multiple researchers have discovered a vulnerability in various
processors supporting speculative execution, enabling an attacker
controlling an unprivileged process to read memory from arbitrary
addresses, including from the kernel and all other processes running on
the system.</p>
<p>This specific attack has been named Spectre variant 1 (bounds-check
bypass) and is mitigated in the Linux kernel architecture by identifying
vulnerable code sections (array bounds checking followed by array
access) and replacing the array access with the speculation-safe
array_index_nospec() function.</p>
<p>More use sites will be added over time.</p></li>
</ul>
<p>안정 배포판(stretch)에서, 이 문제는 4.9.82-1+deb9u2 버전에서 수정되었습니다.
</p>
<p>리눅스 패키지를 업그레이드 할 것을 권합니다.</p>
<p>리눅스의 자세한 보안 상태에 대해서는 보안 추적 페이지를 참조하세요:
<a href="https://security-tracker.debian.org/tracker/linux">https://security-tracker.debian.org/tracker/linux</a></p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2018/dsa-4120.data"
|