{"id":24925,"date":"2021-12-28T01:53:38","date_gmt":"2021-12-27T17:53:38","guid":{"rendered":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/?p=24925"},"modified":"2023-03-23T11:03:50","modified_gmt":"2023-03-23T03:03:50","slug":"%e3%80%90%e6%bc%8f%e6%b4%9e%e9%a0%90%e8%ad%a6%e3%80%91ubuntu%e7%9a%84%e5%b8%b3%e8%99%9f%e6%9c%8d%e5%8b%99%e5%85%83%e4%bb%b6%e5%ad%98%e5%9c%a8%e6%bc%8f%e6%b4%9e%ef%bc%8c%e6%81%90%e8%ae%93%e6%94%bb","status":"publish","type":"post","link":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/archives\/24925","title":{"rendered":"\u3010\u6f0f\u6d1e\u9810\u8b66\u3011Ubuntu\u7684\u5e33\u865f\u670d\u52d9\u5143\u4ef6\u5b58\u5728\u6f0f\u6d1e\uff0c\u6050\u8b93\u653b\u64ca\u8005\u80fd\u53d6\u5f97Root\u6b0a\u9650"},"content":{"rendered":"

\u6559\u80b2\u6a5f\u69cbANA\u901a\u5831\u5e73\u53f0<\/h3>\n\n\n\n\n\n\n\n\n\n\n
\u767c\u4f48\u7de8\u865f<\/td>\nTACERT-ANA-2021122703125858<\/td>\n\u767c\u4f48\u6642\u9593<\/td>\n2021-12-27 15:32:59<\/td>\n<\/tr>\n
\u4e8b\u6545\u985e\u578b<\/td>\nANA-\u6f0f\u6d1e\u9810\u8b66<\/td>\n\u767c\u73fe\u6642\u9593<\/td>\n2021-12-27 14:20:59<\/td>\n<\/tr>\n
\u5f71\u97ff\u7b49\u7d1a<\/td>\n\u4f4e<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
[\u4e3b\u65e8\u8aaa\u660e:]\u3010\u6f0f\u6d1e\u9810\u8b66\u3011Ubuntu\u7684\u5e33\u865f\u670d\u52d9\u5143\u4ef6\u5b58\u5728\u6f0f\u6d1e<\/wbr>\uff0c\u6050\u8b93\u653b\u64ca\u8005\u80fd\u53d6\u5f97Root\u6b0a\u9650<\/td>\n<\/tr>\n
[\u5167\u5bb9\u8aaa\u660e:]<\/p>\n

\u8f49\u767c\u00a0 \u6578\u806f\u8cc7\u5b89(ISSDU)ISSDU-ANA-202112-<\/wbr>0003<\/p>\n

Ubuntu\u4f5c\u696d\u7cfb\u7d71\u88e1\u7684\u684c\u9762\u74b0\u5883GNOME\uff0c<\/wbr>\u5176\u4e2d\u7684AccountsService\u5143\u4ef6\uff0c<\/wbr>\u5b58\u5728\u8a18\u61b6\u9ad4\u96d9\u91cd\u91cb\u653e\u7684\u6f0f\u6d1eCVE-2021-3939\uff0c<\/wbr>\u5f71\u97ffUbuntu 21.10\u300121.04\u300120.04 LTS\u3002<\/p>\n

\u4e00\u65e6\u653b\u64ca\u8005\u5229\u7528\u9019\u9805\u6f0f\u6d1e\uff0c\u5c31\u80fd\u5728\u672c\u6a5f\u7aef\u63d0\u5347\u6b0a\u9650\uff0c<\/wbr>\u7814\u7a76\u4eba\u54e1\u4e5f\u63d0\u51fa\u6982\u5ff5\u6027\u9a57\u8b49\u653b\u64ca\u5f71\u7247\uff0c<\/wbr>\u4e26\u6307\u51fa\u6b64\u6f0f\u6d1e\u4e26\u975e\u6bcf\u6b21\u90fd\u80fd\u99ac\u4e0a\u89f8\u767c\uff0c<\/wbr>\u4f46\u653b\u64ca\u8005\u53ef\u6162\u6162\u6e2c\u8a66\u6578\u500b\u5c0f\u6642\u76f4\u5230\u6210\u529f\u70ba\u6b62\u3002<\/p>\n

\u60c5\u8cc7\u5206\u4eab\u7b49\u7d1a: WHITE(\u60c5\u8cc7\u5167\u5bb9\u70ba\u53ef\u516c\u958b\u63ed\u9732\u4e4b\u8cc7\u8a0a)<\/td>\n<\/tr>\n

[\u5f71\u97ff\u5e73\u53f0:]<\/p>\n
    \n
  • Ubuntu 21.10<\/li>\n
  • Ubuntu 21.04<\/li>\n
  • Ubuntu 20.04 LTS<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
[\u5efa\u8b70\u63aa\u65bd:]<\/p>\n

\u8acb\u5347\u7d1a\u81f3AccountsService \u7248\u672c 0.6.55-0ubuntu12~20.04.5\u30010.6.<\/wbr>55-0ubuntu13.3\u30010.6.55-<\/wbr>0ubuntu14.1 (\u542b)\u4ee5\u4e0a\u3002<\/td>\n<\/tr>\n

[\u53c3\u8003\u8cc7\u6599:]<\/p>\n
    \n
  1. https:\/\/cve.mitre.org\/cgi-<\/wbr>bin\/cvename.cgi?name=CVE-2021-<\/wbr>3939<\/a><\/li>\n
  2. https:\/\/www.<\/wbr>bleepingcomputer.com\/news\/<\/wbr>security\/attackers-can-get-<\/wbr>root-by-crashing-ubuntu-s-<\/wbr>accountsservice\/<\/li>\n<\/ol>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n\n\n\n
    (\u6b64\u901a\u5831\u50c5\u5728\u65bc\u544a\u77e5\u76f8\u95dc\u8cc7\u8a0a\uff0c\u4e26\u975e\u70ba\u8cc7\u5b89\u4e8b\u4ef6)\uff0c<\/wbr>\u5982\u679c\u60a8\u5c0d\u6b64\u901a\u5831\u7684\u5167\u5bb9\u6709\u7591\u554f\u6216\u6709\u95dc\u65bc\u6b64\u4e8b\u4ef6\u7684\u5efa\u8b70\uff0c<\/wbr>\u6b61\u8fce\u8207\u6211\u5011\u9023\u7d61\u3002<\/td>\n<\/tr>\n
    \u6559\u80b2\u6a5f\u69cb\u8cc7\u5b89\u901a\u5831\u61c9\u8b8a\u5c0f\u7d44
    \n\u7db2\u5740\uff1ahttps:\/\/info.cert.tanet.<\/wbr>edu.tw\/<\/a>
    \n\u5c08\u7dda\u96fb\u8a71\uff1a07-5250211
    \n\u7db2\u8def\u96fb\u8a71\uff1a98400000
    \nE-Mail\uff1a    service@cert.tanet.edu.<\/wbr>tw<\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

    \u6559\u80b2\u6a5f\u69cbANA\u901a\u5831\u5e73\u53f0 \u767c\u4f48\u7de8\u865f TACERT-ANA-2021122703125858 \u767c\u4f48\u6642\u9593 2021-12-27 15:32:59 \u4e8b\u6545\u985e\u578b ANA-\u6f0f\u6d1e\u9810\u8b66 \u767c\u73fe\u6642\u9593 2021-12-27 14:20:59 \u5f71\u97ff\u7b49\u7d1a \u4f4e [\u4e3b\u65e8\u8aaa\u660e:]\u3010\u6f0f\u6d1e\u9810\u8b66\u3011Ubuntu\u7684\u5e33\u865f\u670d\u52d9\u5143\u4ef6\u5b58\u5728\u6f0f\u6d1e\uff0c\u6050\u8b93\u653b\u64ca\u8005\u80fd\u53d6\u5f97Root\u6b0a\u9650 [\u5167\u5bb9\u8aaa\u660e:]<\/p>\n

    \u8f49\u767c \u6578\u806f\u8cc7\u5b89(ISSDU)ISSDU-ANA-202112-0003<\/p>\n

    Ubuntu\u4f5c\u696d\u7cfb\u7d71\u88e1\u7684\u684c\u9762\u74b0\u5883GNOME\uff0c\u5176\u4e2d\u7684AccountsService\u5143\u4ef6\uff0c\u5b58\u5728\u8a18\u61b6\u9ad4\u96d9\u91cd\u91cb\u653e\u7684\u6f0f\u6d1eCVE-2021-3939\uff0c\u5f71\u97ffUbuntu 21.10\u300121.04\u300120.04 LTS\u3002<\/p>\n

    \u4e00\u65e6\u653b\u64ca\u8005\u5229\u7528\u9019\u9805\u6f0f\u6d1e\uff0c\u5c31\u80fd\u5728\u672c\u6a5f\u7aef\u63d0\u5347\u6b0a\u9650\uff0c\u7814\u7a76\u4eba\u54e1\u4e5f\u63d0\u51fa\u6982\u5ff5\u6027\u9a57\u8b49\u653b\u64ca\u5f71\u7247\uff0c\u4e26\u6307\u51fa\u6b64\u6f0f\u6d1e\u4e26\u975e\u6bcf\u6b21\u90fd\u80fd\u99ac\u4e0a\u89f8\u767c\uff0c\u4f46\u653b\u64ca\u8005\u53ef\u6162\u6162\u6e2c\u8a66\u6578\u500b\u5c0f\u6642\u76f4\u5230\u6210\u529f\u70ba\u6b62\u3002<\/p>\n

    \u60c5\u8cc7\u5206\u4eab\u7b49\u7d1a: WHITE(\u60c5\u8cc7\u5167\u5bb9\u70ba\u53ef\u516c\u958b\u63ed\u9732\u4e4b\u8cc7\u8a0a) [\u5f71\u97ff\u5e73\u53f0:]<\/p>\n

    Ubuntu 21.10 Ubuntu 21.04 Ubuntu 20.04 LTS [\u5efa\u8b70\u63aa\u65bd:]<\/p>\n

    \u8acb\u5347\u7d1a\u81f3AccountsService \u7248\u672c 0.6.55-0ubuntu12~20.04.5\u30010.6.55-0ubuntu13.3\u30010.6.55-0ubuntu14.1 (\u542b)\u4ee5\u4e0a\u3002 [\u53c3\u8003\u8cc7\u6599:]<\/p>\n

    https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-3939 https:\/\/www.bleepingcomputer.com\/news\/security\/attackers-can-get-root-by-crashing-ubuntu-s-accountsservice\/ (\u6b64\u901a\u5831\u50c5\u5728\u65bc\u544a\u77e5\u76f8\u95dc\u8cc7\u8a0a\uff0c\u4e26\u975e\u70ba\u8cc7\u5b89\u4e8b\u4ef6)\uff0c\u5982\u679c\u60a8\u5c0d\u6b64\u901a\u5831\u7684\u5167\u5bb9\u6709\u7591\u554f\u6216\u6709\u95dc\u65bc\u6b64\u4e8b\u4ef6\u7684\u5efa\u8b70\uff0c\u6b61\u8fce\u8207\u6211\u5011\u9023\u7d61\u3002 \u6559\u80b2\u6a5f\u69cb\u8cc7\u5b89\u901a\u5831\u61c9\u8b8a\u5c0f\u7d44 \u7db2\u5740\uff1ahttps:\/\/info.cert.tanet.edu.tw\/ \u5c08\u7dda\u96fb\u8a71\uff1a07-5250211 \u7db2\u8def\u96fb\u8a71\uff1a98400000 E-Mail\uff1aservice@cert.tanet.edu.tw […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"_links":{"self":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/24925"}],"collection":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/comments?post=24925"}],"version-history":[{"count":0,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/24925\/revisions"}],"wp:attachment":[{"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/media?parent=24925"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/categories?post=24925"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/tags?post=24925"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}