安全通告 - Sudo权限提升漏洞
- 预警编号:huawei-sa-20210310-01-escalation
- 初始发布时间: 2021年03月10日
- 更新发布时间: 2021年04月28日
在sudo解析命令行参数的方式中发现了一个基于堆的缓冲区溢出漏洞。任何能够执行sudo命令的经过身份验证的本地用户都可以利用此漏洞。成功利用此漏洞可能导致权限提升。 (漏洞编号:HWPSIRT-2021-11969)
此漏洞的CVE编号为: CVE-2021-3156.
华为已发布版本修复该漏洞。安全通报链接:
http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210310-01-escalation-cn
|
产品名称 |
版本号 |
修复版本号 |
|
Agile Controller-Campus |
V100R003C50SPC302 |
V100R003C60CP0001 |
|
V100R003C60SPC200 |
||
|
V100R003C60SPC201 |
||
|
V100R003C60SPC202 |
||
|
V100R003C60SPC203 |
||
|
V100R003C60SPC205 |
||
|
V100R003C60SPC206 |
||
|
V100R003C60SPC207 |
||
|
V100R003C60SPC208 |
||
|
V100R003C60SPC209 |
||
|
V100R003C60SPC210 |
||
|
V100R003C60SPC211 |
||
|
V100R003C60SPC212 |
||
|
Agile Controller-DCN |
V300R003C00 |
V300R003C00CP3181 |
|
V300R003C10SPC200 |
V300R019C00SPC511 |
|
|
V300R019C00SPC500 |
||
|
V300R019C00SPC501 |
||
|
V300R019C00SPC502 |
||
|
V300R019C00SPC506 |
||
|
V300R019C00SPC507 |
||
|
V300R019C00SPC508 |
||
|
C30 |
V300R019C60 |
HoloSens SDC 8.0.2.SPC111 |
|
CloudCampus@AC-Campus |
19.0.3.2 |
V300R019C00CP3006 |
|
3.1.0 |
V300R003C10CP6001 |
|
|
3.1.2 |
V300R019C00CP3006 |
|
|
3.1.3 |
||
|
3.1.5 |
||
|
V300R003C10 |
V300R003C10CP6001 |
|
|
V300R019C00CP3005 |
V300R019C00CP3006 |
|
|
V300R019C00SPC200 |
||
|
V300R019C00SPC300 |
||
|
V300R019C00SPC301 |
||
|
V300R019C00SPC310 |
||
|
V300R019C00SPC320 |
||
|
V300R019C00SPC321 |
||
|
FusionDirector |
1.5.2 |
1.6.3.SPC1 |
|
1.5.2.SPC3 |
||
|
1.5.2.SPC5 |
||
|
1.6.0 |
||
|
1.6.0.SPC1 |
||
|
1.6.1 |
||
|
1.6.1.SPC1 |
||
|
1.6.1.SPC2 |
||
|
1.6.2 |
||
|
1.6.2.SPC2 |
||
|
1.6.3 |
||
|
FusionSphere OpenStack |
6.5.1 |
6.5.1.HP12 |
|
8.0.1 |
8.0.3 |
|
|
8.0.2 |
||
|
V100R006C00 |
NFV_FusionSphere 6.5.1.SPC29 or latest version |
|
|
V100R006C00RC1 |
||
|
V100R006C00U1 |
||
|
V100R006C10 |
||
|
V100R006C30 |
||
|
ManageOne |
6.5.0 |
6.5.1.SPC206 |
|
8.0.0 |
||
|
8.0.0-LCN080 |
||
|
8.0.0-LCND81 |
||
|
8.0.1 |
||
|
8.0.2 |
||
|
8.0.2RC1 |
||
|
8.0.3 |
||
|
8.0.3RC1 |
||
|
8.0.RC2 |
||
|
8.0.RC3 |
||
|
NFV_FusionSphere |
6.5.1.SPC28 |
6.5.1.SPC29 |
|
8.0.0.SPC15 |
8.0.0.SPC17 |
|
|
SD-WAN@AC-Campus |
V300R003C00SPC600 |
V300R003C00SPC710 |
|
V300R003C00SPC700 |
||
|
V300R019C00 |
V300R019C00SPC315 |
|
|
SMC2.0 |
V600R006C00SPC700 |
V600R019C10SPCa20 |
|
V600R006C00SPC800 |
||
|
V600R006C10SPC500 |
||
|
V600R006C10SPC600 |
||
|
V600R006C10SPC601 |
||
|
V600R006C10SPC602 |
||
|
V600R006C10SPC700 |
||
|
V600R019C00 |
||
|
V600R019C10 |
||
|
SmartAX EA5800 |
V100R018C00 |
V100R019C10SPH208 |
|
V100R018C10 |
||
|
SmartAX MA5800 |
V100R017C00SPC202 |
V100R019C10SPH208 |
|
V100R017C10SPC200 |
||
|
V100R018C00SPH101 |
||
|
V100R018C10 |
||
|
V100R018C10SPH102 |
||
|
V100R019C00 |
||
|
V100R019C12 |
V100R019C12SPH222 |
|
|
SmartAX MA5818 |
V800R017C10SPC201 |
V800R019C10SPC301 |
|
V800R018C00SPC200 |
||
|
V800R018C10SPC200 |
||
|
V800R019C10SPH101 |
||
|
eSE620X vESS |
V100R001C20SPC300 |
CGP TOOL V100R001C00SPC031 |
|
V200R001C00SPC300 |
||
|
iManager NetEco |
V600R009C00 |
V600R009C10CP2004 |
|
V600R009C10SPC200 |
||
|
iManager NetEco 6000 |
V600R008C10SPC300 |
V600R008C10SPC590 |
|
V600R008C20 |
||
|
iMaster NCE-Campus |
V300R019C10SPC100 |
V300R019C10CP2055 |
|
V300R019C10SPC100_WXFJ_CPC_001 |
||
|
V300R019C10SPC200 |
||
|
V300R019C10SPC200_WXFJ_CPC_001 |
||
|
V300R019C10SPC205 |
||
|
V300R019C10SPC205_WXFJ_CPC_001 |
||
|
iMaster NCE-CampusInsight |
V100R019C10 |
V100R019C10CP3021 |
|
V100R020C00 |
V100R020C00CP1031 |
|
|
iMaster NCE-Fabric |
V100R019C10CP2061 |
V100R019C10CP2091 |
|
V100R019C10SPC200 |
||
|
V100R019C10SPC201 |
||
|
V100R019C10SPC202 |
||
|
V100R019C10SPC203 |
||
|
V100R019C10SPC206 |
||
|
V100R019C10SPC207 |
||
|
V100R019C10SPC208 |
||
|
V100R019C10SPC209 |
||
|
iMaster NCE-FabricInsight |
V100R019C10 |
V100R019C10CP2071 |
|
V100R020C00 |
V100R020C00CP1032 |
|
|
iMaster NCE-WAN |
V100R019C10SPC200 |
V100R019C10SPC208 |
|
V100R019C10SPC201 |
||
|
V100R019C10SPC203 |
||
|
V100R019C10SPC205 |
||
|
V100R019C10SPC207 |
漏洞使用CVSSv3计分系统进行分级(http://www.first.org/cvss/specification-document)
基础得分:7.8(AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
临时得分:7.0 (E:P/RL:O/RC:C)
利用漏洞发起攻击的预置条件:
本地,通过认证的用户可以访问受影响设备。
漏洞详细描述:
在sudo解析命令行参数的方式中发现了一个基于堆的缓冲区溢出漏洞。任何能够执行sudo命令的经过身份验证的本地用户都可以利用此漏洞。成功利用此漏洞可能导致权限提升。
无
用户可以通过华为TAC (Huawei Technical Assistance Center)获取补丁/更新版本。
TAC的联系方式见链接http://www.huawei.com/cn/psirt/report-vulnerabilities。
漏洞由外部公开披露。
2021-04-28 V1.5 UPDATED 刷新受影响产品版本和修复信息;
2021-04-07 V1.4 UPDATED 刷新受影响产品版本和修复信息;
2021-03-31 V1.3 UPDATED 刷新受影响产品版本和修复信息;
2021-03-24 V1.2 UPDATED 刷新受影响产品版本和修复信息;
2021-03-17 V1.1 UPDATED 刷新受影响产品版本和修复信息;
2021-03-10 V1.0 INITIAL
无
华为一贯主张尽全力保障产品用户的最终利益,遵循负责任的安全事件披露原则,并通过产品安全问题处理机制处理产品安全问题。
获取华为公司安全应急响应服务及华为产品漏洞信息,请访问http://www.huawei.com/cn/psirt。
反馈华为产品和解决方案安全问题,请反馈至华为PSIRT邮箱PSIRT@huawei.com,详情参考http://www.huawei.com/cn/psirt/report-vulnerabilities。
