安全预警 - 涉及华为多个产品的Dirty COW安全漏洞
- 预警编号:huawei-sa-20161207-01-dirtycow
- 初始发布时间: 2016年12月07日
- 更新发布时间: 2021年12月22日
Linux内核的内存子系统在写入时拷贝(Copy-on-Write,缩写为COW)机制存在条件竞争漏洞,导致可以破坏私有只读内存映射。低权限的本地用户能够利用此漏洞获取其他只读内存映射的写权限(包括系统的只读文件),进而可以获取整个系统的最高权限。 (漏洞编号HWPSIRT-2016-10050)
华为已发布版本修复该漏洞。安全预警链接:
http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-cn
|
产品名称 |
版本号 |
修复版本号 |
|
5288 V3 |
V100R003C00 |
V100R003C00SPC702 |
|
9032 |
V100R001C00 |
V100R001C00SPC205 |
|
V100R001C00SPC101 |
||
|
V100R001C00SPC200 |
||
|
AC6605 |
V200R006C00 |
v2r7c10 |
|
Agile Controller-Campus |
V100R002C00 |
V100R002C10SPC405 |
|
V100R002C10 |
||
|
V100R002C10SPC400 |
||
|
V100R002C10SPC403 |
||
|
Austin |
V100R001C10B290 |
V100R001C10B750SPC007 |
|
V100R001C10B680 |
||
|
V100R001C20B110 |
V100R001C20B210SPC005 |
|
|
V100R001C30 |
V100R001C30B256 |
|
|
V100R001C50 |
V100R001C50B090 |
|
|
BH620 V2 |
V100R002C00 |
V100R001C00SPC206 |
|
BH621 V2 |
V100R002C00 |
V100R002C00SPC403 |
|
BH622 V2 |
V100R002C00 |
V100R002C00SPC403 |
|
BH640 V2 |
V100R002C00 |
V100R002C00SPC403 |
|
Balong GU |
V800R200C50B200 |
V800R200C52B300SPC005 |
|
V800R200C55B200 |
V800R200C55B355SPC001 |
|
|
Balong GUL |
V700R110C30 |
V700R110C30B323 |
|
V700R110C31 |
||
|
V700R200C00 |
V700R200C00B317 |
|
|
V700R220C30 |
V700R220C30B233 |
|
|
V700R500C30 |
V700R500C30B325 |
|
|
V700R500C31 |
V700R500C31B187 |
|
|
CH121 V3 |
V100R001C00 |
V100R001C00SPC205 |
|
CH140 V3 |
V100R001C00 |
V100R001C00SPC126 |
|
CH220 V3 |
V100R001C00 |
V100R001C00SPC203 |
|
CH222 V3 |
V100R001C00 |
V100R001C00SPC205 |
|
CH225 V3 |
V100R001C00 |
V100R001C00SPC103 |
|
CH226 V3 |
V100R001C00 |
V100R001C00SPC125 |
|
Carrier-eLog |
V200R003C10 |
elog V2R5C00SPC200 |
|
Chicago |
V100R001C10 |
V100R001C10B505 |
|
CloudOpera CSM |
SysTool(OSUpgrade)V200R016C10SPC100 |
CSM CSMV200R17C10SPC100 |
|
SysTool(OSUpgrade)V200R016C10SPC100B021 |
||
|
V200R016C10SPC600 |
||
|
Dallas |
V100R001C10 |
V100R001C10B290SPC005 |
|
E5573 |
E5573s-320TCPU-V200R001B180D11SP00C00 |
E5573s-320TCPU-V200R001B323D05SP00C00 |
|
E5878s-32 |
E5878s-32TCPU-V200R001B280D01SP05C00 |
E5878s E5878s-32TCPU-V200R001B316D15SP00C00 |
|
E6000 Chassis |
V100R001C00 |
V100R001C00SPC601 |
|
Enterprise Service Solution EIDC |
V100R001C60 |
V100R001C60LHBM31 |
|
FusionCompute |
V100R003C10SPC600 |
V100R006C10RC1 |
|
V100R005C00 |
||
|
V100R005C10 |
||
|
V100R005C10U1_B1075917 |
||
|
FusionCube |
V100R002C60RC1 |
V100R002C60SPC100 |
|
FusionManager |
FusionManager V100R005C00 |
FusionManager V100R006C00 |
|
FusionManager V100R005C10 |
||
|
V100R003C00 |
V100R006C00 |
|
|
V100R003C10 |
||
|
V100R005C00 |
||
|
V100R005C00SPC100 |
||
|
V100R005C00SPC200 |
||
|
V100R005C00SPC300 |
||
|
V100R005C10 |
||
|
V100R005C10SPC300 |
||
|
V100R005C10SPC500 |
||
|
V100R005C10SPC700 |
||
|
V100R005C10SPC703 |
||
|
V100R005C10SPC720T |
||
|
V100R005C10U1_B1075133 |
||
|
V100R005C10U2 |
||
|
FusionSphere OpenStack |
V100R005C00 |
V100R006C00SPC101 |
|
V100R005C10 |
||
|
V100R005C10SPC500 |
||
|
V100R005C10SPC700 |
||
|
V100R005C10U20 |
||
|
V100R005C10U30 |
||
|
V100R006C00 |
||
|
V100R006C00RC1 |
||
|
FusionStorage Block |
V100R003C00 |
V100R003C30U2SPC001 |
|
V100R003C02 |
||
|
V100R003C30 |
||
|
FusionStorage Object |
V100R002C00 |
V1R2C01LHWS02U1SPC1 |
|
V100R002C01 |
||
|
HiDPTAndroid |
HiDPTAndroidV200R001C00 |
HiDPTAndroidV200R001SPC122 |
|
V300R001C00 |
HiDPTAndroidV300R001C01SPC050 |
|
|
HiSTBAndroid |
HiSTBAndroidV600R003C00SPC010 |
HiSTBAndroidV600R003C00SPC020 |
|
Huawei solutions for SAP HANA |
V100R001C00 |
V100R001C01SPC104 |
|
IPC6112-D |
V100R001C10 |
IPC Module V200R003C00SPC100 |
|
IPC6122-D |
V100R001C10 |
V100R001C10SPC306 |
|
IPC6611-Z30-I |
V100R001C00 |
V100R001C00SPC306 |
|
KII-L21 |
KII-L21C02B131CUSTC02D002 |
KII-L21C02B140CUSTC02D001 |
|
KII-L21C10B130CUSTC10D003 |
KII-L21C10B150CUSTC10D003 |
|
|
KII-L21C10B140CUSTC10D004 |
||
|
KII-L21C185B130CUSTC185D002 |
KII-21 KII-21C185B150CUSTC185D001 |
|
|
KII-L21C185B140CUSTC185D004 |
||
|
KII-L21C185B310CUSTC185D004 |
KII-L21C185B321CUSTC185D001 |
|
|
KII-L21C464B130 |
KII-L21C464B140 |
|
|
KII-L21C629B130CUSTC629D004 |
KII-L21C629B140CUSTC629D001 |
|
|
KII-L21C636B130CUSTC636D002 |
KII-L21C636B160CUSTC636D001 |
|
|
KII-L21C636B140CUSTC636D004 |
||
|
KII-L21C636B150CUSTC636D005 |
||
|
KII-L21C636B310CUSTC636D001 |
KII-L21C636B330CUSTC636D002 |
|
|
KII-L21C636B320CUSTC636D001 |
||
|
KII-L21C900B122 |
KII-L21C900B130 |
|
|
KII-L21C96B130 |
KII-L21C96B140CUSTC96D004 |
|
|
OTA-KII-L21C02B131CUSTC02D002 |
OTA-KII-L21C02B140CUSTC02D001 |
|
|
OTA-KII-L21C185B140CUSTC185D004 |
OTA-KII-L21C185B150CUSTC185D001 |
|
|
OTA-KII-L21C185B310CUSTC185D004 |
KII-L21C185B321CUSTC185D001 |
|
|
OTA-KII-L21C636B140CUSTC636D004 |
OTA-KII-L21C636B160CUSTC636D001 |
|
|
OTA-KII-L21C636B310CUSTC636D001 |
KII-L21C636B330CUSTC636D002 |
|
|
OTA-KII-L21C636B320CUSTC636D001 |
OTA-KII-L21C636B330CUSTC636D002 |
|
|
L2800 |
V100R001C00SPC200 |
V100R001C00SPC301 |
|
LogCenter |
V100R001C10 |
V1R1C20 |
|
OTA- |
KII-L21C636B150CUSTC636D005 |
OTA-KII-L21 OTA-KII-L21C636B160CUSTC636D001 |
|
OceanStor Backup Software |
V100R002C00 |
OceanStor BCManager V200R001C00SPC201B016 |
|
V100R002C00LHWS01_P385795 |
||
|
V100R002C00SPC200 |
||
|
V200R001C00 |
||
|
V200R001C00SPC200 |
||
|
OceanStor CSE |
V100R001C01SPC103 |
V100R002C00LSFM01SPC109 |
|
V100R001C01SPC106 |
||
|
V100R001C01SPC109 |
||
|
V100R001C01SPC112 |
||
|
V100R002C00LSFM01CP0001 |
||
|
V100R002C00LSFM01SPC101 |
||
|
V100R002C00LSFM01SPC102 |
||
|
V100R002C00LSFM01SPC106 |
||
|
OceanStor HDP3500E |
V100R002C00 |
HDP3500E V100R003C00SPC505 |
|
V100R003C00 |
||
|
OceanStor HVS85T |
V100R001C00 |
V100R001C30SPC201 |
|
V100R001C10 |
||
|
V100R001C30 |
||
|
OceanStor N8500 |
V200R001C09 |
OceanStor BCManager V200R001C00SPC201 |
|
V200R001C91 |
||
|
V200R001C91SPC900 |
||
|
OceanStor Onebox |
V100R003C10 |
OceanStor CSE V100R002C00LSFM01SPC109 |
|
OceanStor ReplicationDirector |
V200R001C00 |
OceanStor BCManager V200R001C00SPC201B013 |
|
Onebox Solution |
V100R005C00 |
OceanStor CSE V100R002C00LSFM01SPC109 |
|
V1R5C00RC2 |
||
|
RH1288 V2 |
V100R002C00 |
V100R002C00SPC611 |
|
RH1288 V3 |
V100R003C00 |
V100R003C00SPC622 |
|
RH1288A V2 |
V100R002C00 |
V100R002C00SPC716 |
|
RH2285 V2 |
V100R002C00 |
V100R002C00SPC505 |
|
RH2285H V2 |
V100R002C00 |
V100R002C00SPC606 |
|
RH2288 V2 |
V100R002C00 |
V100R002C00SPC606 |
|
RH2288 V3 |
V100R003C00 |
V100R003C00SPC622 |
|
RH2288A V2 |
V100R002C00 |
V100R002C00SPC716 |
|
RH2288E V2 |
V100R002C00 |
V100R002C00SPC300 |
|
RH2288H V2 |
V100R002C00 |
V100R002C00SPC710 |
|
RH2288H V3 |
V100R003C00 |
V100R003C00SPC530 |
|
RH2485 V2 |
V100R002C00 |
V100R002C00SPC700 |
|
RH5885 V3 |
V100R003C01 |
V100R003C01SPC119 |
|
V100R003C10 |
V100R003C10SPC109 |
|
|
RH5885H V3 |
V100R003C00 |
V100R003C00SPC206 |
|
V100R003C10 |
V100R003C10SPC105 |
|
|
RH8100 V3 |
V100R003C00 |
V100R003C00SPC213 |
|
SMU(02B) |
V300R002C10 |
SMU V500R002C20SPC961 |
|
V300R002C20 |
||
|
V300R003C00 |
||
|
V300R003C10 |
||
|
V300R003C91 |
||
|
V300R003C93 |
||
|
V500R001C00 |
||
|
V500R001C10 |
||
|
V500R001C20 |
||
|
SMU(02C) |
V500R001C20 |
SMU V500R003C00SPC031 |
|
V500R001C30 |
||
|
V500R001C50 |
||
|
V500R001C60 |
||
|
V500R002C00 |
||
|
V500R002C10 |
||
|
V500R002C20 |
||
|
V500R002C30 |
||
|
V500R002C50 |
||
|
SMU(02S) |
V500R001C50 |
SMU V500R003C00SPC031 |
|
V500R001C60 |
||
|
V500R002C00 |
||
|
V500R002C10 |
||
|
V500R002C20 |
||
|
V500R002C30 |
||
|
UPS2000 |
V100R001C00 |
V100R021C92SPC050 |
|
V100R001C10 |
||
|
V100R001C34 |
||
|
V100R002C02 |
||
|
V200R001C01 |
||
|
V200R001C31 |
||
|
UPS5000 |
V100R001C00 |
V100R003C01SPC408 |
|
V100R001C08 |
||
|
V100R001C10 |
||
|
V100R001C37 |
||
|
V100R001C39 |
||
|
V100R002C00 |
V100R003C01SPC410 |
|
|
V100R002C04 |
V100R003C01SPC408 |
|
|
V100R002C11 |
V100R003C01SPC410 |
|
|
V100R002C15 |
V100R003C01SPC408 |
|
|
V100R002C34 |
||
|
V100R002C41 |
V100R002C41SPC601 |
|
|
V100R003C00 |
V100R003C01SPC408 |
|
|
V100R003C01 |
||
|
V100R003C03 |
||
|
V300R001C90 |
||
|
V300R002C00 |
V100R002C41SPC601 |
|
|
V1300N |
V100R002C02 |
VCN3010 V100R002C50 |
|
VCM |
V100R001C00 |
VCM5010 V100R002C50 |
|
V100R001C10 |
||
|
V100R001C20 |
||
|
X6000 |
V100R002C00 |
XH621 V2 V100R001C00SPC300 XH310 V2 V100R001C00SPC301 XH311 V2 V100R001C00SPC301 XH320 V2 V100R001C00SPC300 XH321 V2 V100R002C00SPC503 XH310 V3 V100R003C00SPC600 |
|
X6800 |
V100R003C00 |
XH620 V3 V100R003C00SPC615 |
|
eA680-208 |
V100R001C00 |
V100R001C00SPC100 |
|
eCloud CC |
V100R001C01LSHU01 |
V100R001C01LPAT14 |
|
eLog |
V200R003C10 |
elog V2R5C00SPC200 |
|
V200R003C20 |
||
|
eOMC910 |
V100R003C00 |
eOMC910_TD V100R003C00SPC200 |
|
eSight |
V300R003C20 |
V300R003C20CP0062 |
|
V300R005C00SPC200 |
||
|
eSight Network |
V300R006C00 |
V300R006C00SPC501 |
|
V300R007C00 |
V300R007C00SPC100 |
|
|
eSpace 8950 |
V200R003C00 |
V200R003C00SPCf00 |
|
eSpace IPC |
V100R001C21 |
IPC6325-WD-VR V200R002C20SPC200 |
|
V200R001C01 |
||
|
V200R001C02 |
||
|
eSpace VCN3000 |
V100R001C01 |
VCN3010 V100R002C50 |
|
V100R002C00 |
||
|
V100R002C10 |
||
|
V100R002C20 |
||
|
iBattery |
iBattery_V276 |
iBattery_V297B014 included in UPS5000 V300R002C10SPC401 |
|
iBattery_V281 |
||
|
iBattery_V285 |
||
|
iBattery_V286 |
||
|
iBattery_V289 |
||
|
inCloud Eye |
V200R001C21 |
V2R1C30U1 |
|
ECC800 |
V100R001C10 |
ECC800 V100R002C00SPC200 |
|
V100R001C10SPC100 |
||
|
ECC500 |
V600R002C00 |
|
|
V600R002C00SPC200T |
||
|
V600R002C00SPC300 |
||
|
V600R002C00SPC300T |
攻击者可以利用此漏洞进行越权进而可以获取系统管理员权限。
漏洞使用CVSSv3计分系统进行分级(http://www.first.org/cvss/specification-document)
基础得分:7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)临时得分:7.2 (E:F/RL:O/RC:C)
1.利用漏洞发起攻击的预置条件:
具有低权限的本地用户接入设备。
2.漏洞详细描述:
漏洞详情参考如下链接:
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
无
用户可以通过华为TAC (Huawei Technical Assistance Center)获取补丁/更新版本。
TAC的联系方式见链接http://www.huawei.com/cn/psirt/report-vulnerabilities。
该漏洞由Phil Oester对外披露。
2021-12-22 V1.7 UPDATED 刷新受影响的产品版本和修复计划
2021-01-20 V1.6 UPDATED 刷新受影响的产品版本和修复计划
2020-06-24 V1.5 UPDATED 刷新受影响的产品版本和修复计划
2017-05-31 V1.4 UPDATED 刷新受影响的产品版本和修复计划
2017-02-22 V1.3 UPDATED 刷新受影响的产品版本和修复计划
2017-01-18 V1.2 UPDATED 刷新受影响的产品版本和修复计划
2016-12-21 V1.1 UPDATED 刷新受影响的产品版本和修复计划
2016-12-07 V1.0 INITIAL
无
华为一贯主张尽全力保障产品用户的最终利益,遵循负责任的安全事件披露原则,并通过产品安全问题处理机制处理产品安全问题。
获取华为公司安全应急响应服务及华为产品漏洞信息,请访问http://www.huawei.com/cn/psirt。
反馈华为产品和解决方案安全问题,请反馈至华为PSIRT邮箱PSIRT@huawei.com,详情参考http://www.huawei.com/cn/psirt/report-vulnerabilities。
