252 Star 982 Fork 503

GVPopenEuler / kernel

 / 详情

kernel-4.19 存在漏洞代码,请及时更新补丁

Declined
CVE和安全问题
Opened this issue  
2021-11-04 14:56

漏洞编号: CVE-2021-3493

涉及主要文件及行号
Source/kernel-kernel-4.19/fs/xattr.c@setxattr (503 - 546)
Source/kernel-kernel-4.19/fs/xattr.c@vfs_setxattr (260 - 280)

源码版本:kernel-4.19分支

漏洞简述:
linux kernel 存在安全漏洞,该漏洞源于非特权用户名称空间和Ubuntu内核中允许非特权覆盖的补丁的组合,攻击者可利用该漏洞可以使用它来获得更高的特权。

补丁链接:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52

Comments (2)

奇安信开源卫士 createdCVE和安全问题

Hi qianxin-open-source-guard, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at
https://gitee.com/openeuler/community/blob/master/en/sig-infrastructure/command.md.
If you have any questions, please contact the SIG: Kernel, and any of the maintainers: @XieXiuQi , @YangYingliang , @成坚 (CHENG Jian) .

openeuler-ci-bot added
 
sig/Kernel
label
yanxiaobing2020 set priority to P3

CVE-2021-3493 已经提单跟踪过,经分析该漏洞对openEuler无影响,详见如下链接,本问题单非问题关闭。
#I3QYDS:CVE-2021-3493?from=project-issue

yanxiaobing2020 changed issue state from 待办的 to 已拒绝

Sign in to comment

Status
Assignees
Projects
Milestones
Pull Requests
Successfully merging a pull request will close this issue.
Branches
Planed to start   -   Planed to end
-
Top level
Priority
Duration (hours)
参与者(3)
5329419 openeuler ci bot 1632792936
C
1
https://toscode.gitee.com/openeuler/kernel.git
git@toscode.gitee.com:openeuler/kernel.git
openeuler
kernel
kernel

Search

184635 d8eb8a04 1850385 161156 f1cf3f24 1850385