报警信息
阿里云安全中心收到提示存在RHSA-2019:0049-Important: systemd security update漏洞,如下图所示:
其中每个漏洞详细信息为:
【严重】systemd:在systemd-networkingd dhcpv6选项处理中存在缺陷导致越界堆写入缓冲区溢出
漏洞描述
It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim’s one may advertise itself as a DHCPv6 server and exploit this flaw to cause a Denial of Service or potentially gain code execution on the victim’s machine.
基本信息
CVE编号: CVE-2018-15688
漏洞类型: 缓冲区溢出
危险等级: 严重
披露时间: 2018-10-26
【高危】systemd在使用long cmdline的命令调用syslog时堆栈溢出缓冲区溢出
漏洞描述
当具有长命令行参数的程序调用syslog时,在systemd-journald中发现了无限制的内存分配,这可能导致堆栈与另一个内存区域发生冲突。本地攻击者可能会使用此漏洞来破坏systemd-journald或升级权限。
基本信息
CVE编号: CVE-2018-16864
漏洞类型: 缓冲区溢出
危险等级: 高危
披露时间: 2019-01-11
【高危】systemd日志记录处理时存在溢出 权限提升
漏洞描述
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges.
基本信息
CVE编号: CVE-2018-16865
漏洞类型: 权限提升,缓冲区溢出
危险等级: 高危
披露时间: 2019-01-09
修复方法
1 | yum update systemd -y |
执行完成后记得在阿里云平台验证,如果该ECS在列表中消失,表示已修复成功。