1. 漏洞描述:
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux kernel 5.18.1版本及之前版本存在安全漏洞,该漏洞源于net/netfilter/nf_tables_api.c允许本地用户将权限升级为root用户,攻击者利用该漏洞可导致释放后重用。
2. 解决方法
使用阿里云或者腾讯云的仓库,具体方法其他文章有说明
sudo yum update -y bpftool kernel-devel python-perf kernel-tools-libs kernel-tools
3. 修复过程
# sudo yum update -y kernel-tools bpftool kernel-headers kernel-devel python-perf kernel-tools-libs
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package bpftool.x86_64 0:3.10.0-1127.13.1.el7 will be updated
---> Package bpftool.x86_64 0:3.10.0-1160.80.1.el7 will be an update
---> Package kernel-devel.x86_64 0:3.10.0-1160.80.1.el7 will be installed
---> Package kernel-headers.x86_64 0:3.10.0-1127.13.1.el7 will be updated
---> Package kernel-headers.x86_64 0:3.10.0-1160.80.1.el7 will be an update
---> Package kernel-tools.x86_64 0:3.10.0-1127.13.1.el7 will be updated
---> Package kernel-tools.x86_64 0:3.10.0-1160.80.1.el7 will be an update
---> Package kernel-tools-libs.x86_64 0:3.10.0-1127.13.1.el7 will be updated
---> Package kernel-tools-libs.x86_64 0:3.10.0-1160.80.1.el7 will be an update
---> Package python-perf.x86_64 0:3.10.0-1127.13.1.el7 will be updated
---> Package python-perf.x86_64 0:3.10.0-1160.80.1.el7 will be an update
--> Finished Dependency ResolutionDependencies Resolved===========================================================================================================================================================================Package Arch Version Repository Size
===========================================================================================================================================================================
Installing:kernel-devel x86_64 3.10.0-1160.80.1.el7 updates 18 M
Updating:bpftool x86_64 3.10.0-1160.80.1.el7 updates 8.5 Mkernel-headers x86_64 3.10.0-1160.80.1.el7 updates 9.1 Mkernel-tools x86_64 3.10.0-1160.80.1.el7 updates 8.2 Mkernel-tools-libs x86_64 3.10.0-1160.80.1.el7 updates 8.1 Mpython-perf x86_64 3.10.0-1160.80.1.el7 updates 8.2 MTransaction Summary
===========================================================================================================================================================================
Install 1 Package
Upgrade 5 PackagesTotal download size: 60 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/6): bpftool-3.10.0-1160.80.1.el7.x86_64.rpm | 8.5 MB 00:00:00
(2/6): kernel-devel-3.10.0-1160.80.1.el7.x86_64.rpm | 18 MB 00:00:01
(3/6): kernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm | 8.2 MB 00:00:01
(4/6): kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpm | 9.1 MB 00:00:01
(5/6): kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpm | 8.1 MB 00:00:00
(6/6): python-perf-3.10.0-1160.80.1.el7.x86_64.rpm | 8.2 MB 00:00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 19 MB/s | 60 MB 00:00:03
Running transaction check
Running transaction test
Transaction test succeeded
Running transactionUpdating : kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64 1/11 Updating : kernel-tools-3.10.0-1160.80.1.el7.x86_64 2/11 Updating : bpftool-3.10.0-1160.80.1.el7.x86_64 3/11 Updating : kernel-headers-3.10.0-1160.80.1.el7.x86_64 4/11 Updating : python-perf-3.10.0-1160.80.1.el7.x86_64 5/11 Installing : kernel-devel-3.10.0-1160.80.1.el7.x86_64 6/11 Cleanup : kernel-headers-3.10.0-1127.13.1.el7.x86_64 7/11 Cleanup : kernel-tools-3.10.0-1127.13.1.el7.x86_64 8/11 Cleanup : kernel-tools-libs-3.10.0-1127.13.1.el7.x86_64 9/11 Cleanup : bpftool-3.10.0-1127.13.1.el7.x86_64 10/11 Cleanup : python-perf-3.10.0-1127.13.1.el7.x86_64 11/11 Verifying : kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64 1/11 Verifying : kernel-devel-3.10.0-1160.80.1.el7.x86_64 2/11 Verifying : python-perf-3.10.0-1160.80.1.el7.x86_64 3/11 Verifying : kernel-headers-3.10.0-1160.80.1.el7.x86_64 4/11 Verifying : bpftool-3.10.0-1160.80.1.el7.x86_64 5/11 Verifying : kernel-tools-3.10.0-1160.80.1.el7.x86_64 6/11 Verifying : kernel-headers-3.10.0-1127.13.1.el7.x86_64 7/11 Verifying : python-perf-3.10.0-1127.13.1.el7.x86_64 8/11 Verifying : kernel-tools-libs-3.10.0-1127.13.1.el7.x86_64 9/11 Verifying : kernel-tools-3.10.0-1127.13.1.el7.x86_64 10/11 Verifying : bpftool-3.10.0-1127.13.1.el7.x86_64 11/11 Installed:kernel-devel.x86_64 0:3.10.0-1160.80.1.el7 Updated:bpftool.x86_64 0:3.10.0-1160.80.1.el7 kernel-headers.x86_64 0:3.10.0-1160.80.1.el7 kernel-tools.x86_64 0:3.10.0-1160.80.1.el7 kernel-tools-libs.x86_64 0:3.10.0-1160.80.1.el7 python-perf.x86_64 0:3.10.0-1160.80.1.el7 Complete!
[root@test-wework ~]# sudo yum update -y bpftool kernel-devel python-perf kernel-tools-libs kernel-tools
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
No packages marked for update4. 重新扫描
![【CVE-2022-0185】Linux kernel [文件系统挂载API] 堆溢出漏洞分析与利用](https://img-blog.csdnimg.cn/img_convert/13f8301e5397416462c3f79d32f2ee30.png)
