Technical Resources
[Linux] About security vulnerability CVE-2024-21626

Date : 2024-02-06
Name : 서버몬
Hits : 332
Hello, this is 서버몬 Co., Ltd. Today we look at CVE-2024-21626, a security vulnerability announced on January 31, 2024.

Red Hat publishes notices for urgent and important security vulnerabilities. They can be checked at the following address: https://access.redhat.com/security/vulnerabilities

Red Hat is aware of a vulnerability in 'runc', a core container infrastructure component, that allows container escape. An attacker can use this container escape to gain unauthorized access from inside a container to the underlying host operating system. There are several ways an attacker could exploit this vulnerability: by tricking a user into using or building a malicious image, or by using a malicious process inside a container that can be run with 'runc exec'. This issue has been assigned CVE-2024-21626 and is rated as having a severity impact of Important.

- The following Red Hat product versions are directly affected:
. Red Hat OpenShift Container Platform 4
. Red Hat OpenShift Container Platform 3.11
. Red Hat Enterprise Linux 7
. Red Hat Enterprise Linux 8
. Red Hat Enterprise Linux 9

In addition, all Red Hat products supported on Red Hat Enterprise Linux, including RHEL CoreOS, are potentially affected as well.

The related vulnerabilities CVE-2024-23651, CVE-2024-23652 and CVE-2024-23653 were identified in moby buildkit and are currently under investigation by the Red Hat Product Security team.

> Technical summary
When evaluating the 'WORKDIR' and 'RUN' directives of a 'Dockerfile', 'runc' is vulnerable to a file descriptor leak attack and subsequent path traversal. Because of this weak control over the supplied path, the container can be bound to other directories on the host system, allowing access to other resources on the host system.

> Mitigation
RHEL (Red Hat Enterprise Linux) and OpenShift ship with SELinux in targeted enforcing mode. This prevents container processes from accessing host content and mitigates this attack. Dockerfiles can be inspected at their 'RUN' and 'WORKDIR' directives to confirm there are no escapes or malicious paths that would indicate compromise. Restricting access and using only trusted container images can help prevent unauthorized access and malicious attacks.
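The Dockerfile inspection described under mitigation can be automated. The following is an added example, not code from the original post or from Red Hat: it flags 'WORKDIR' and 'RUN' directives whose path, after ENV/ARG expansion, points into '/proc/self/fd/'. The function names, the sample Dockerfile, the `registry.example` image name and the `N` placeholder are all assumptions made for illustration.

```python
import re

# /proc/self/fd/ is the path named on this page; the other spellings are
# equivalent ways to reach a process's open file descriptors on Linux.
FD_PATH = re.compile(r"/proc/(?:self|thread-self|\d+)/fd(?:/|\b)|/dev/fd(?:/|\b)")
VAR = re.compile(r"\$(?:\{(\w+)[^}]*\}|(\w+))")

# Constructed sample; "N" is a placeholder, not a real descriptor number.
SAMPLE = """\
FROM registry.example/base:1
ARG TARGET=/proc/self/fd/N
WORKDIR /app
RUN make \\
    && make install
WORKDIR ${TARGET}
RUN cat /proc/self/fdinfo/0
WORKDIR /proc/self/fd/N
"""

def logical_lines(text):
    """Yield (first_line_no, instruction) with backslash continuations joined."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = start or no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", 0

def scan_dockerfile(text):
    """Return (line_no, instruction, expanded_args) for each suspicious directive."""
    env, findings = {}, []
    for no, line in logical_lines(text):
        op, args = (line.split(None, 1) + [""])[:2]
        op = op.upper()
        if op in ("ENV", "ARG"):
            pairs = re.findall(r'(\w+)=("[^"]*"|\S*)', args)
            if not pairs and op == "ENV" and len(args.split(None, 1)) == 2:
                pairs = [tuple(args.split(None, 1))]  # legacy "ENV KEY VALUE" form
            env.update((k, v.strip('"')) for k, v in pairs)
        elif op in ("WORKDIR", "RUN"):
            expanded = VAR.sub(lambda m: env.get(m.group(1) or m.group(2), m.group(0)), args)
            if FD_PATH.search(expanded):
                findings.append((no, op, expanded))
    return findings
```

This is a static heuristic: it does not evaluate shell logic inside 'RUN', so a clean result does not replace applying the runc update or keeping SELinux enforcing.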
> Technical details
This vulnerability is rooted in the way 'runc' handles the 'WORKDIR' directive in Dockerfiles. When setting the initial working directory for processes created during a 'build' or 'RUN' operation, 'runc' changes directory using 'chdir' before closing certain privileged host directory file descriptors. Because of this oversight, an attacker can manipulate the 'WORKDIR' directive to potentially point at a privileged file descriptor through the '/proc/self/fd/' directory. As a result, the descriptor remains accessible even after 'runc' closes the file descriptors during normal operation, which facilitates unauthorized access to critical host files and arbitrary file creation within the host file system. The way 'WORKDIR' is handled with this flaw poses a significant security risk, enabling container breakout and potential compromise of the host operating system.

Updates for affected products
- As of February 5, packages for RHEL 9 have been released.
. https://access.redhat.com/errata/RHSA-2024:0670

> Reference links:
- RHSB-2024-001 Leaky Vessels - runc - (CVE-2024-21626)
. https://access.redhat.com/security/vulnerability/RHSB-2024-001
- CVE-2024-21626
. https://access.redhat.com/security/cve/CVE-2024-21626

Thank you.