原文链接:
Hello,大家好啊!今天给大家带来一篇在麒麟桌面操作系统上修复CVE-2024-1086漏洞的文章。漏洞CVE-2024-1086是一个新的安全漏洞,如果不及时修复,可能会对系统造成安全威胁。本文将详细介绍如何在麒麟桌面操作系统上识别和修复这个漏洞。欢迎大家分享转发,点个关注和在看吧!
什么是CVE-2024-1086漏洞?
Linux kernel 存在权限提升漏洞,该漏洞源于netfilter: nf_tables组件中存在释放后重用,可能会导致双重释放,攻击者利用该漏洞导致本地权限提升。
1.查询系统信息
pdsyw@pdsyw-pc:~/桌面$ cat /etc/os-release NAME="Kylin"VERSION="银河麒麟桌面操作系统V10 (SP1)"VERSION_US="Kylin Linux Desktop V10 (SP1)"ID=kylinID_LIKE=debianPRETTY_NAME="Kylin V10 SP1"VERSION_ID="v10"HOME_URL="http://www.kylinos.cn/"SUPPORT_URL="http://www.kylinos.cn/support/technology.html"BUG_REPORT_URL="http://www.kylinos.cn/"PRIVACY_POLICY_URL="http://www.kylinos.cn"VERSION_CODENAME=kylinUBUNTU_CODENAME=kylinPROJECT_CODENAME=V10SP1KYLIN_RELEASE_ID="2303"pdsyw@pdsyw-pc:~/桌面$ uname -aLinux pdsyw-pc 5.4.18-85-generic #74-KYLINOS SMP Fri Mar 24 11:20:19 UTC 2023 aarch64 aarch64 aarch64 GNU/Linux
2.查看软件包版本
pdsyw@pdsyw-pc:~/桌面$ dpkg -l |grep linux-moduleii linux-modules-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel extra modules for version 5.4.18 on ARMv8 SMPii linux-modules-extra-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel extra modules for version 5.4.18 on ARMv8 SMPpdsyw@pdsyw-pc:~/桌面$ dpkg -l |grep linux-imageii linux-image-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel image for version 5.4.18 on ARMv8 SMPii linux-image-generic 5.4.18.85.74 arm64 Generic Linux kernel imagepdsyw@pdsyw-pc:~/桌面$ dpkg -l |grep linux-headerii linux-headers-5.4.18-85 5.4.18-85.74 all Header files related to Linux kernel version 5.4.18ii linux-headers-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel headers for version 5.4.18 on ARMv8 SMPii linux-headers-generic 5.4.18.85.74 arm64 Generic Linux kernel headerspdsyw@pdsyw-pc:~/桌面$
3.登录麒麟漏洞公告网
4.漏洞信息
5.下载补丁包
6.放到桌面
7.解压附件二
8.打开终端
9.安装补丁包
pdsyw@pdsyw-pc:~/桌面/附件二:linux_5.4.18-113.102_arm64$ sudo dpkg -i *.deb
10.查看修复后软件包版本
pdsyw@pdsyw-pc:~/桌面$ dpkg -l |grep linux-headerii linux-headers-5.4.18-113 5.4.18-113.102 all Header files related to Linux kernel version 5.4.18ii linux-headers-5.4.18-113-generic 5.4.18-113.102 arm64 Linux kernel headers for version 5.4.18 on ARMv8 SMPii linux-headers-5.4.18-85 5.4.18-85.74 all Header files related to Linux kernel version 5.4.18ii linux-headers-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel headers for version 5.4.18 on ARMv8 SMPii linux-headers-generic 5.4.18.85.74 arm64 Generic Linux kernel headerspdsyw@pdsyw-pc:~/桌面$ dpkg -l |grep linux-imageii linux-image-5.4.18-113-generic 5.4.18-113.102 arm64 Signed kernel image genericii linux-image-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel image for version 5.4.18 on ARMv8 SMPii linux-image-generic 5.4.18.85.74 arm64 Generic Linux kernel imagepdsyw@pdsyw-pc:~/桌面$ dpkg -l |grep linux-moduleii linux-modules-5.4.18-113-generic 5.4.18-113.102 arm64 Linux kernel extra modules for version 5.4.18 on ARMv8 SMPii linux-modules-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel extra modules for version 5.4.18 on ARMv8 SMPii linux-modules-extra-5.4.18-113-generic 5.4.18-113.102 arm64 Linux kernel extra modules for version 5.4.18 on ARMv8 SMPii linux-modules-extra-5.4.18-85-generic 5.4.18-85.74 arm64 Linux kernel extra modules for version 5.4.18 on ARMv8 SMPpdsyw@pdsyw-pc:~/桌面$
11.解压附件八
12.打开终端
13.安装核外补丁包
pdsyw@pdsyw-pc:~/桌面/附件八:2303核外安全补丁包-arm64架构$ sudo dpkg -i *.deb
14.重启系统测试
15.查看内核版本
pdsyw@pdsyw-pc:~/桌面$ uname -aLinux pdsyw-pc 5.4.18-113-generic #102-KYLINOS SMP Fri May 24 11:41:08 UTC 2024 aarch64 aarch64 aarch64 GNU/Linuxpdsyw@pdsyw-pc:~/桌面$
通过本文的介绍,您应该已经了解了如何在麒麟桌面操作系统上修复CVE-2024-1086漏洞。及时修复安全漏洞是保持系统安全的关键步骤,确保您的系统免受潜在攻击。如果您觉得这篇文章有用,请分享和转发。同时,别忘了点个关注和在看,以便未来获取更多实用的技术信息和解决方案。感谢大家的阅读,我们下次再见!