漏洞补丁修复

RHSA-2017:0574: gnutls security, bug fix, and enhancement update (Moderate)

标题: GnuTLS栈缓冲区溢出漏洞

CVSS分值: 7.5

CVSS: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

披露时间: 2017-03-24 00:00:00

利用难度: LOW

POC公开时间: 2017-05-30 10:34:21

CVEID: CVE-2017-5336

简介:

漏洞触发在lib/opencdk/cdk_pk_get_keyid函数，远程攻击者可通过构造一个恶意的OpenPGP证书来触发此漏洞，导致OpenSSL拒绝服务。

影响范围：
GnuTLS <= 3.3.25
GnuTLS 3.5.0 < 3.5.7

yum update openssh yum update openssh-askpass yum update openssh-clients yum update openssh-server

SXSTDB

yum update openssh yum update openssh-askpass yum update openssh-clients yum update openssh-server