公告ID(KYSA-202208-1149)
公告ID���:KYSA-202208-1149
公告摘要���:linux-firmware安全漏洞
等级���:Important
发布日期���:2022-08-15
详细介绍
1.修复的CVE
·CVE-2020-12321
描述���:Intel Wireless Bluetooth是美国英特尔(Intel)公司的一款可以有效解决intel蓝牙在win10系统中出现的一些问题的驱动工具。Intel Wireless Bluetooth 21.110之前版本中存在缓冲区错误漏洞���,这些漏洞可能允许特权升级或拒绝服务。以下产品及型号受到影响���:Intel Wi-Fi 6 AX201,Intel Wi-Fi 6 AX200,Intel Wireless-AC 9560,Intel Wireless-AC 9462,Intel Wireless-AC 9461,Intel Wireless-AC 9260,Intel Dual Band Wireless-AC 8265,Intel Dual Band Wireless-AC 3168,Intel Wireless 7265 (Rev D) Family,Intel Dual Band Wireless-AC 3165。
2.受影响的软件包
·中标麒麟高级服务器操作系统 V7
·aarch64架构:
iwl100-firmware���、iwl1000-firmware���、iwl105-firmware���、iwl135-firmware���、iwl2000-firmware���、iwl2030-firmware���、iwl3160-firmware���、iwl3945-firmware���、iwl4965-firmware���、iwl5000-firmware���、iwl5150-firmware���、iwl6000-firmware���、iwl6000g2a-firmware���、iwl6000g2b-firmware���、iwl6050-firmware���、iwl7260-firmware���、linux-firmware
·x86_64架构:
iwl100-firmware���、iwl1000-firmware���、iwl105-firmware���、iwl135-firmware���、iwl2000-firmware���、iwl2030-firmware���、iwl3160-firmware���、iwl3945-firmware���、iwl4965-firmware���、iwl5000-firmware���、iwl5150-firmware���、iwl6000-firmware���、iwl6000g2a-firmware���、iwl6000g2b-firmware���、iwl6050-firmware���、iwl7260-firmware���、linux-firmware
3.软件包修复版本
·中标麒麟高级服务器操作系统 V7 (aarch64���、x86_64)
iwl100-firmware-39.31.5.1-80.el7_9或以上版本
iwl1000-firmware-39.31.5.1-80.el7_9或以上版本
iwl105-firmware-18.168.6.1-80.el7_9或以上版本
iwl135-firmware-18.168.6.1-80.el7_9或以上版本
iwl2000-firmware-18.168.6.1-80.el7_9或以上版本
iwl2030-firmware-18.168.6.1-80.el7_9或以上版本
iwl3160-firmware-25.30.13.0-80.el7_9或以上版本
iwl3945-firmware-15.32.2.9-80.el7_9或以上版本
iwl4965-firmware-228.61.2.24-80.el7_9或以上版本
iwl5000-firmware-8.83.5.1_1-80.el7_9或以上版本
iwl5150-firmware-8.24.2.2-80.el7_9或以上版本
iwl6000-firmware-9.221.4.1-80.el7_9或以上版本
iwl6000g2a-firmware-18.168.6.1-80.el7_9或以上版本
iwl6000g2b-firmware-18.168.6.1-80.el7_9或以上版本
iwl6050-firmware-41.28.5.1-80.el7_9或以上版本
iwl7260-firmware-25.30.13.0-80.el7_9或以上版本
linux-firmware-20200421-80.git78c0348.el7_9或以上版本
4.修复方法
方法一���:配置源进行升级安装
1.打开软件包源配置文件���,根据仓库地址进行修改。
仓库源地址���:
中标麒麟高级服务器操作系统 V7
aarch64:http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/
x86_64:http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/
2.配置完成后执行更新命令进行升级���,命令如下���:
yum update Packagename
方法二���:下载安装包进行升级安装
通过软件包地址下载软件包���,使用软件包升级命令根据受影响的软件包
列表进行升级安装, 命令如下���:
yum install Packagename
3.升级完成后是否需要重启服务或操作系统���:
CVE-2020-12321:无需重启操作系统与服务即可使漏洞修复生效。
5.软件包下载地址
·中标麒麟高级服务器操作系统 V7
linux-firmware(aarch64)软件包下载地址:
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/iwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/aarch64/Packages/linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpm
linux-firmware(x86_64)软件包下载地址:
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/iwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm
http://update.cs2c.com.cn/NS/V7/V7Update9/os/adv/lic/updates/x86_64/Packages/linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpm
注���:其他相关依赖包请到相同目录下载
6.修复验证
使用软件包查询命令���,查看相关软件包版本是否与修复版本一致���,如果版本一致���,则说明修复成功。
sudo rpm -qa | grep Packagename
