阿里云漏洞库

漏洞描述

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://www.openwall.com/lists/oss-security/2021/05/10/1
http://www.openwall.com/lists/oss-security/2021/05/10/2
http://www.openwall.com/lists/oss-security/2021/05/10/3
http://www.openwall.com/lists/oss-security/2021/05/10/4
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id...
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://security.netapp.com/advisory/ntap-20210611-0008/
https://www.openwall.com/lists/oss-security/2021/04/18/2

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	系统	alma_linux_8	kernel	*		Up to (excluding) 4.18.0-348.el8
	运行在以下环境
	系统	amazon_2	kernel	*		Up to (excluding) 5.4.117-58.216.amzn2
	运行在以下环境
	系统	amazon_AMI	kernel	*		Up to (excluding) 4.14.232-123.381.amzn1
	运行在以下环境
	系统	anolis_os_8	kernel	*		Up to (excluding) 4.19
	运行在以下环境
	系统	debian_10	linux	*		Up to (excluding) 4.19.194-1
	运行在以下环境
	系统	debian_11	linux	*		Up to (excluding) 5.10.38-1
	运行在以下环境
	系统	debian_12	linux	*		Up to (excluding) 5.10.38-1
	运行在以下环境
	系统	debian_9	linux	*		Up to (excluding) 4.9.272-1
	运行在以下环境
	系统	fedoraproject	fedora	32	-
	运行在以下环境
	系统	fedoraproject	fedora	33	-
	运行在以下环境
	系统	fedora_32	kernel	*		Up to (excluding) 5.11.16-100.fc32
	运行在以下环境
	系统	fedora_33	kernel	*		Up to (excluding) 5.11.16-200.fc33
	运行在以下环境
	系统	fedora_34	kernel	*		Up to (excluding) 5.11.16-300.fc34
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	kernel	*		Up to (excluding) 4.19.90-25.11.v2101.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	kernel	*		Up to (excluding) 4.19.90-25.11.v2101.ky10
	运行在以下环境
	系统	linux	linux_kernel	*		Up to (excluding) 5.12
	运行在以下环境
	系统	linux	linux_kernel	5.12	-
	运行在以下环境
	系统	oracle_7	kernel	*		Up to (excluding) 4.14.35-2047.505.4.el7
	运行在以下环境
	系统	oracle_8	kernel	*		Up to (excluding) 5.4.17-2102.202.5.el8uek
	运行在以下环境
	系统	redhat_8	kernel	*		Up to (excluding) 4.18.0-348.el8
	运行在以下环境
	系统	suse_12_SP5	kernel	*		Up to (excluding) 4.12.14-16.59.1
	运行在以下环境
	系统	ubuntu_18.04	linux	*		Up to (excluding) 4.15.0-1022.26
	运行在以下环境
	系统	ubuntu_20.04	linux	*		Up to (excluding) 5.4.0-1048.52
	运行在以下环境
	系统	ubuntu_21.04	linux	*		Up to (excluding) 5.11.0-1012.12

攻击路径

本地
攻击复杂度

困难
权限要求

普通权限
影响范围

全局影响
EXP成熟度

N/A
补丁情况

官方补丁
数据保密性

数据泄露
数据完整性

传输被破坏
服务器危害

服务器失陷
全网数量

N/A

CWE-ID	漏洞类型
CWE-362	使用共享资源的并发执行不恰当同步问题（竞争条件）

中危 linux linux_kernel 使用共享资源的并发执行不恰当同步问题（竞争条件）

漏洞描述

解决建议

参考链接

受影响软件情况