تنبيه SUSE
13243تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
14 أغسطس, 2022
● عالي
2022-5128
الكل
أصدرت SUSE عدّة تحديثات لمعالجة عددٍ من الثغرات في عدد من منتجاتها:
- Linux Kernel (Live Patch 24 for SLE 15 SP2)
- SUSE Linux Enterprise High Performance Computing 15-SP2
- SUSE Linux Enterprise Module for Live Patching 15-SP2
- SUSE Linux Enterprise Server 15-SP2
- SUSE Linux Enterprise Server for SAP Applications 15-SP2
- Linux Kernel (Live Patch 26 for SLE 15 SP2)
- SUSE Linux Enterprise High Performance Computing 15-SP2
- SUSE Linux Enterprise Module for Live Patching 15-SP2
- SUSE Linux Enterprise Server 15-SP2
- SUSE Linux Enterprise Server for SAP Applications 15-SP2
- Linux Kernel (Live Patch 23 for SLE 12 SP5)
- SUSE Linux Enterprise Live Patching 12-SP5
- Linux Kernel (Live Patch 27 for SLE 15 SP2)
- SUSE Linux Enterprise High Performance Computing 15-SP2
- SUSE Linux Enterprise Module for Live Patching 15-SP2
- SUSE Linux Enterprise Server 15-SP2
- SUSE Linux Enterprise Server for SAP Applications 15-SP2
- Linux Kernel (Live Patch 21 for SLE 15 SP2
- SUSE Linux Enterprise High Performance Computing 15-SP2
- SUSE Linux Enterprise Module for Live Patching 15-SP2
- SUSE Linux Enterprise Server 15-SP2
- SUSE Linux Enterprise Server for SAP Applications 15-SP2
- dbus-1
- SUSE Linux Enterprise Server 12-SP2-BCL
- Linux Kernel (Live Patch 22 for SLE 12 SP5)
- SUSE Linux Enterprise Live Patching 12-SP5
- trousers
- SUSE Linux Enterprise High Performance Computing 15-ESPOS
- SUSE Linux Enterprise High Performance Computing 15-LTSS
- SUSE Linux Enterprise Server 15-LTSS
- SUSE Linux Enterprise Server for SAP 15
- SUSE Linux Enterprise Server 12-SP2-BCL
- Linux Kernel
- SUSE Linux Enterprise Desktop 15-SP4
- SUSE Linux Enterprise High Availability 15-SP4
- SUSE Linux Enterprise High Performance Computing
- SUSE Linux Enterprise High Performance Computing 15-SP4
- SUSE Linux Enterprise Module for Basesystem 15-SP4
- SUSE Linux Enterprise Module for Development Tools 15-SP4
- SUSE Linux Enterprise Module for Legacy Software 15-SP4
- SUSE Linux Enterprise Module for Live Patching 15-SP4
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server 15-SP4
- SUSE Linux Enterprise Server for SAP Applications
- SUSE Linux Enterprise Server for SAP Applications 15-SP4
- SUSE Linux Enterprise Workstation Extension 15-SP4
- SUSE Manager Proxy 4.3
- SUSE Manager Retail Branch Server 4.3
- SUSE Manager Server 4.3
- openSUSE Leap 15.4
يمكن للمهاجم استغلال هذه الثغرات وتنفيذ ما يلي:
- تجاوز سعة مخزن الذاكرة المؤقت
- تنفيذ برمجيات خبيثة
- رفع الصلاحيات لزيادة قدرته على التعديل في النظام
يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتSUSE توضيحًا لهذه التحديثات:
- https://www.suse.com/support/update/announcement/2022/suse-su-20222776-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222779-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222780-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222781-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222783-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222788-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222789-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222798-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222800-1/
- https://www.suse.com/support/update/announcement/2022/suse-su-20222803-1/