BDU:2024-10396

Vulnerability from fstec - Published: 21.09.2023
VLAI
Title
Уязвимость функции qd_check_sync() компонента imon ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции qd_check_sync() компонента imon ядра операционных систем Linux связана с неконтролируемым достижимым утверждением. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vendor
Novell Inc., Red Hat Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт»
Software Name
OpenSUSE Leap, Red Hat Enterprise Linux, Suse Linux Enterprise Server, SUSE Linux Enterprise Server for SAP Applications, Debian GNU/Linux, SUSE Linux Enterprise Workstation Extension, SUSE Linux Enterprise Live Patching, РЕД ОС (запись в едином реестре российских программ №3751), SUSE Manager Retail Branch Server, SUSE Manager Proxy, SUSE Manager Server, SUSE Linux Enterprise High Availability Extension, SUSE Linux Enterprise Micro, openSUSE Leap Micro, Suse Linux Enterprise Desktop, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, SUSE Linux Enterprise Module for Development Tools, SUSE Linux Enterprise Module for Public Cloud, SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Module for Legacy Software, SUSE Real Time Module, Linux
Software Version
15.5 (OpenSUSE Leap), 8 (Red Hat Enterprise Linux), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 10 (Debian GNU/Linux), 12 SP5 (SUSE Linux Enterprise Workstation Extension), 12 SP5 (SUSE Linux Enterprise Live Patching), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 9 (Red Hat Enterprise Linux), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 4.3 (SUSE Manager Server), 12 SP5 (SUSE Linux Enterprise High Availability Extension), 5.3 (SUSE Linux Enterprise Micro), 5.3 (openSUSE Leap Micro), 15 SP4 (SUSE Linux Enterprise Live Patching), 15 SP4 (SUSE Linux Enterprise High Availability Extension), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Basesystem), 15 SP5 (SUSE Linux Enterprise Module for Development Tools), 15 SP5 (SUSE Linux Enterprise Module for Public Cloud), 15 SP5 (SUSE Linux Enterprise Real Time), 5.4 (SUSE Linux Enterprise Micro), 15 SP5 (SUSE Linux Enterprise Module for Legacy Software), 12 SP5 (SUSE Linux Enterprise Real Time), 5.4 (openSUSE Leap Micro), 15 SP5 (SUSE Linux Enterprise Live Patching), 15 SP5 (SUSE Linux Enterprise Workstation Extension), 5.5 (SUSE Linux Enterprise Micro), 5.5 (openSUSE Leap Micro), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP5 (SUSE Real Time Module), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15 SP6 (SUSE Linux Enterprise Module for Basesystem), 15 SP6 (SUSE Linux Enterprise Workstation Extension), 15.6 (OpenSUSE Leap), 15 SP6 (SUSE Linux Enterprise Module for Development Tools), 15 SP5 (SUSE Linux Enterprise High Availability Extension), 15 SP6 (SUSE Linux Enterprise Module for Legacy Software), от 6.6 до 6.6.3 (Linux), 15 SP6 (SUSE Linux Enterprise High Availability Extension), 15 SP6 (SUSE Linux Enterprise Live Patching), 15 SP6 (SUSE Linux Enterprise Module for Public Cloud), 15 SP6 (SUSE Linux Enterprise Real Time), 15 SP6 (SUSE Real Time Module), от 4.14 др 4.14.331 (Linux), от 4.19 до 4.19.300 (Linux), от 5.10 до 5.10.202 (Linux), от 5.15 до 5.15.140 (Linux), от 5.4 до 5.4.262 (Linux), от 6.1 до 6.1.64 (Linux), от 6.5 до 6.5.13 (Linux), 6.7 rc1 (Linux), 6.1 (SUSE Linux Enterprise Micro)
Possible Mitigations
Использование рекомендаций: Для Linux: https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4 https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2 https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5 https://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848 https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3 https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3 https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2023-52865.html Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-52759 Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2023-52759
Reference
https://redos.red-soft.ru/support/secure/ https://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b https://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4 https://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c https://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae https://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2 https://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5 https://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848 https://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3 https://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3 https://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561 https://www.suse.com/security/cve/CVE-2023-52865.html https://access.redhat.com/security/cve/cve-2023-52759 https://security-tracker.debian.org/tracker/CVE-2023-52759
CWE
CWE-99, CWE-617
To clipboard 

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.5 (OpenSUSE Leap), 8 (Red Hat Enterprise Linux), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 10 (Debian GNU/Linux), 12 SP5 (SUSE Linux Enterprise Workstation Extension), 12 SP5 (SUSE Linux Enterprise Live Patching), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 9 (Red Hat Enterprise Linux), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 4.3 (SUSE Manager Server), 12 SP5 (SUSE Linux Enterprise High Availability Extension), 5.3 (SUSE Linux Enterprise Micro), 5.3 (openSUSE Leap Micro), 15 SP4 (SUSE Linux Enterprise Live Patching), 15 SP4 (SUSE Linux Enterprise High Availability Extension), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Basesystem), 15 SP5 (SUSE Linux Enterprise Module for Development Tools), 15 SP5 (SUSE Linux Enterprise Module for Public Cloud), 15 SP5 (SUSE Linux Enterprise Real Time), 5.4 (SUSE Linux Enterprise Micro), 15 SP5 (SUSE Linux Enterprise Module for Legacy Software), 12 SP5 (SUSE Linux Enterprise Real Time), 5.4 (openSUSE Leap Micro), 15 SP5 (SUSE Linux Enterprise Live Patching), 15 SP5 (SUSE Linux Enterprise Workstation Extension), 5.5 (SUSE Linux Enterprise Micro), 5.5 (openSUSE Leap Micro), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP5 (SUSE Real Time Module), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15 SP6 (SUSE Linux Enterprise Module for Basesystem), 15 SP6 (SUSE Linux Enterprise Workstation Extension), 15.6 (OpenSUSE Leap), 15 SP6 (SUSE Linux Enterprise Module for Development Tools), 15 SP5 (SUSE Linux Enterprise High Availability Extension), 15 SP6 (SUSE Linux Enterprise Module for Legacy Software), \u043e\u0442 6.6 \u0434\u043e 6.6.3 (Linux), 15 SP6 (SUSE Linux Enterprise High Availability Extension), 15 SP6 (SUSE Linux Enterprise Live Patching), 15 SP6 (SUSE Linux Enterprise Module for Public Cloud), 15 SP6 (SUSE Linux Enterprise Real Time), 15 SP6 (SUSE Real Time Module), \u043e\u0442 4.14 \u0434\u0440 4.14.331 (Linux), \u043e\u0442 4.19 \u0434\u043e 4.19.300 (Linux), \u043e\u0442 5.10 \u0434\u043e 5.10.202 (Linux), \u043e\u0442 5.15 \u0434\u043e 5.15.140 (Linux), \u043e\u0442 5.4 \u0434\u043e 5.4.262 (Linux), \u043e\u0442 6.1 \u0434\u043e 6.1.64 (Linux), \u043e\u0442 6.5 \u0434\u043e 6.5.13 (Linux), 6.7 rc1 (Linux), 6.1 (SUSE Linux Enterprise Micro)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b\t\nhttps://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4\t\nhttps://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c\t\nhttps://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae\t\nhttps://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2\t\nhttps://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5\t\nhttps://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848\t\nhttps://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3\t\nhttps://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3\t\nhttps://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2023-52865.html\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-52759\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2023-52759",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "21.09.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "27.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "27.11.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-10396",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-52759",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "OpenSUSE Leap, Red Hat Enterprise Linux, Suse Linux Enterprise Server, SUSE Linux Enterprise Server for SAP Applications, Debian GNU/Linux, SUSE Linux Enterprise Workstation Extension, SUSE Linux Enterprise Live Patching, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), SUSE Manager Retail Branch Server, SUSE Manager Proxy, SUSE Manager Server, SUSE Linux Enterprise High Availability Extension, SUSE Linux Enterprise Micro, openSUSE Leap Micro, Suse Linux Enterprise Desktop, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, SUSE Linux Enterprise Module for Development Tools, SUSE Linux Enterprise Module for Public Cloud, SUSE Linux Enterprise Real Time, SUSE Linux Enterprise Module for Legacy Software, SUSE Real Time Module, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. OpenSUSE Leap 15.5 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. Suse Linux Enterprise Server 12 SP5 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Red Hat Inc. Red Hat Enterprise Linux 9 , Novell Inc. openSUSE Leap Micro 5.3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Desktop 15 SP5 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP5 , Novell Inc. SUSE Linux Enterprise Real Time 12 SP5 , Novell Inc. openSUSE Leap Micro 5.4 , Novell Inc. openSUSE Leap Micro 5.5 , Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP6 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP6 , Novell Inc. OpenSUSE Leap 15.6 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.6 \u0434\u043e 6.6.3 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP6 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.14 \u0434\u0440 4.14.331 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.19 \u0434\u043e 4.19.300 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.10 \u0434\u043e 5.10.202 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.15 \u0434\u043e 5.15.140 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.4 \u0434\u043e 5.4.262 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.1 \u0434\u043e 6.1.64 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.5 \u0434\u043e 6.5.13 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux 6.7 rc1 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 qd_check_sync() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 imon \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430) (CWE-99), \u0414\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f assert() (CWE-617)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 qd_check_sync() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 imon \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0434\u043e\u0441\u0442\u0438\u0436\u0438\u043c\u044b\u043c \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://redos.red-soft.ru/support/secure/\nhttps://git.kernel.org/stable/c/119565e566f91ff3588ffcd5812f0c8061586c6b\t\nhttps://git.kernel.org/stable/c/1c28dace66015b675a343b89b0c87abbfda05ff4\t\nhttps://git.kernel.org/stable/c/212f112fe5e90e98eb8d48585682880dae139f4c\t\nhttps://git.kernel.org/stable/c/2a054b87a1b799b391e578597a42ee6e57a987ae\t\nhttps://git.kernel.org/stable/c/2bb42a27a92ff3984c9fa5fbe128eced3ea693f2\t\nhttps://git.kernel.org/stable/c/4c6a08125f2249531ec01783a5f4317d7342add5\t\nhttps://git.kernel.org/stable/c/50e33567bc4a1c4ed79a1d289fe93c9a26491848\t\nhttps://git.kernel.org/stable/c/53fc16c1ad84f5467ec24341670b63aa759335d3\t\nhttps://git.kernel.org/stable/c/5bfda356e903633d16ae1bac1ee38364e12628a3\t\nhttps://git.kernel.org/stable/c/b4deec69fe32b58dc5fb4ace52456ece85b75561\nhttps://www.suse.com/security/cve/CVE-2023-52865.html\nhttps://access.redhat.com/security/cve/cve-2023-52759\nhttps://security-tracker.debian.org/tracker/CVE-2023-52759",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-99, CWE-617",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.