hwani
1
RockyLinux 8.10 운영중인데요
BPFDOOR 악성코드 관련하여
백도어 설치를 위한 취약점이 있다고 해서 문의드립니다
CVE-2021-3156 sudo 권한상승 취약점
CVE-2021-26084 Atlassian Confluence RCE
CVE-2021-22986 F5 BIG-IP RCE
CVE-2022-22954 VMware Workspace ONE Access RCE
위 CVE 커널패치 필요한가요?
전문가님들 조언이 필요합니다
No there isn’t, use:
dnf changelog sudo | grep -i cve
you will see CVE-2021-3156 is mentioned, and therefore is not vulnerable.
This has nothing to do with Rocky Linux - contact Atlassian.
Rocky Linux is not F5 - contact F5 Networks.
Rocky is not VMware - Contact Broadcom/VMware.
hwani
3
CVE-2021-3156 언급은 되었지만
fixes 되었단 정보는 없는데 적용되어있는건가요?
Expanding the detail:
[root@rocky8 ~]# dnf changelog sudo | grep -A2 3156
- CVE-2021-3156
Resolves: rhbz#1917734
which shows it references Red Hat Bugzilla and therefore has been fixed. So whatever your security scanner is, it is wrong.