{"id":94517,"date":"2022-01-28T09:23:15","date_gmt":"2022-01-28T00:23:15","guid":{"rendered":"https:\/\/softantenna.com\/blog\/?p=94517"},"modified":"2022-01-28T09:23:15","modified_gmt":"2022-01-28T00:23:15","slug":"linux-distro-12-years-vulnerability","status":"publish","type":"post","link":"https:\/\/softantenna.com\/blog\/linux-distro-12-years-vulnerability\/","title":{"rendered":"\u4e3b\u8981\u306aLinux\u30c7\u30a3\u30b9\u30c8\u30ed\u304c12\u5e74\u30e2\u30ce\u306e\u8106\u5f31\u6027\u3092\u62b1\u3048\u3066\u3044\u305f\u3053\u3068\u304c\u5224\u660e"},"content":{"rendered":"

\"1643168010<\/p>\n

Linux\u306e\u4e3b\u8981\u306a\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u306b\u5f71\u97ff\u3059\u308b\u300cPwnKit\u300d\u3068\u547c\u3070\u308c\u308b\u8106\u5f31\u6027\u304c\u3042\u3089\u305f\u306b\u767a\u898b\u3055\u308c\u305f\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f(Neowin<\/a>)\u3002<\/p>\n

Qualys\u306eLinux\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7814\u7a76\u8005\u306b\u3088\u3063\u3066\u767a\u898b\u3055\u308c\u305f\u8106\u5f31\u6027\u3067\u3001ID\u3068\u3057\u3066\u300cCVE-2021-4034\u300d\u304c\u5272\u308a\u5f53\u3066\u3089\u308c\u3066\u3044\u307e\u3059\u3002\u767a\u898b\u3055\u308c\u305f\u306e\u306f\u6700\u8fd1\u3067\u3059\u304c\u3001\u904e\u53bb12\u5e74\u9593\u306b\u6e21\u3063\u3066\u60aa\u7528\u53ef\u80fd\u306a\u72b6\u614b\u3060\u3063\u305f\u6a21\u69d8\u3002\u30ed\u30fc\u30ab\u30eb\u6a29\u9650\u6607\u683c(LPE)\u306e\u8106\u5f31\u6027\u3068\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n

\u7814\u7a76\u8005\u30c1\u30fc\u30e0\u306b\u3088\u308b\u3068\u3001\u3053\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u4f7f\u7528\u3057\u3066\u3001Ubuntu\u3001Debian\u3001Fedora\u3001CentOS\u306a\u3069\u306e\u4e3b\u8981Linux \u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u306e\u30c7\u30d5\u30a9\u30eb\u30c8\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u72b6\u614b\u3067\u3001\u5b8c\u5168\u306a\u30eb\u30fc\u30c8\u6a29\u9650\u3092\u53d6\u5f97\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u305f\u3068\u306e\u3053\u3068\u3002\u307e\u305f\u4ed6\u306eLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u3082\u5f71\u97ff\u3092\u53d7\u3051\u308b\u306f\u305a\u3060\u3068\u6307\u6458\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u8106\u5f31\u6027\u306f\u4e3b\u8981\u306aLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308bSUID-root\u30d7\u30ed\u30b0\u30e9\u30e0\u3067\u3042\u308bPolkit\u306e\u300cpkexec\u300d\u30d7\u30ed\u30b0\u30e9\u30e0\u306b\u304a\u3051\u308b\u30e1\u30e2\u30ea\u7834\u640d\u304c\u539f\u56e0\u3060\u304b\u3089\u3067\u3059\u3002<\/p>\n

\u6b20\u9665\u306fpkexec\u306e\u521d\u671f\u304b\u3089\u5b58\u5728\u3057\u3066\u3044\u305f\u305f\u3081\u3001Qualys\u306fLinux\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u306f\u904e\u53bb12\u5e74\u4ee5\u4e0a\u306b\u308f\u305f\u3063\u3066\u30cf\u30c3\u30ab\u30fc\u306e\u683c\u597d\u306e\u990c\u98df\u306b\u306a\u3063\u3066\u304d\u305f\u3068\u8003\u3048\u3066\u3044\u307e\u3059\u3002\u8106\u5f31\u6027\u306f\u30ea\u30e2\u30fc\u30c8\u304b\u3089\u306e\u60aa\u7528\u306f\u3067\u304d\u307e\u305b\u3093\u304c\u3001\u975e\u7279\u6a29\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066Linux\u30de\u30b7\u30f3\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u305f\u30cf\u30c3\u30ab\u30fc\u306f\u3001\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u30eb\u30fc\u30c8\u30a2\u30af\u30bb\u30b9\u3092\u5f97\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u306e\u3067\u3059\u3002<\/p>\n

\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u30c7\u30e2\u52d5\u753b\u3082\u516c\u958b\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n