[ °ø Áö ] ¸®´ª½º Ä¿³Î ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2018-08-21

¾È³çÇϽʴϱî. È£½ºÆ®¸ÕÆ®ÀÔ´Ï´Ù.

¸ÕÀú È£½ºÆ®¸ÕÆ®¸¦ ¾Æ²¸ÁÖ½Ã°í »ç¶ûÇØ Áֽô °í°´ ¿©·¯ºÐ²²  Áø½ÉÀ¸·Î °¨»çµå¸®¸ç

¸®´ª½º Ä¿³Î ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í°¡ ÀÖ¾î À̸¦ ¾Ë·Áµå¸®°íÀÚ ÇÕ´Ï´Ù.

---------------------------------------------------------------------------

¡à °³¿ä
o ¸®´ª½º Ä¿³Î¿¡¼­ Á¶ÀÛµÈ ÆÐŶÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¹ß»ýÇÏ´Â ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ ¹ß»ý [1]
  o °ø°ÝÀÚ´Â ÇØ´ç Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿© ¼­ºñ½º°ÅºÎ µîÀÇ ÇÇÇظ¦ ¹ß»ý½Ãų ¼ö ÀÖ¾î ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ±Ç°í

¡à ¼³¸í
o ¼ö½ÅµÇ´Â ¸ðµç ÆÐŶÀÌ Æ¯Á¤ ÇÔ¼ö¸¦ °­Á¦·Î È£ÃâÇÏ¿© CPU°úºÎÇϸ¦ ¹ß»ý½ÃÅ°´Â ¼­ºñ½º °ÅºÎ Ãë¾àÁ¡ (CVE-2018-5390) [1]
  o ¼ö½ÅµÈ µ¥ÀÌÅ͸¦ ÀçÁ¶¸³ÇÒ ¶§, CPU °úºÎÇϸ¦ ¹ß»ýÇÏ´Â ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡(CVE-2018-5391) [2]
  o ¼ö½ÅµÈ µ¥ÀÌÅ͸¦ ÀçÁ¶¸³ÇÒ ¶§, ºñÈ¿À²ÀûÀÎ ¾Ë°í¸®Áò »ç¿ëÀ¸·Î ÀÎÇØ CPU ¹× ³×Æ®¿öÅ© °úºÎÇÏ·Î ¹ß»ýÇÏ´Â ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡(CVE-2018-6922) [1]
  
¡à ¿µÇâÀ» ¹Þ´Â ½Ã½ºÅÛ
o CVE-2018-5390
   - ¸®´ª½º Ä¿³Î 4.9¸¦ Æ÷ÇÔÇÑ ÀÌÈÄ ¹öÀüÀ» »ç¿ëÇÏ´Â ½Ã½ºÅÛ
o CVE-2018-5391
   - ¸®´ª½º Ä¿³Î 3.9¸¦ Æ÷ÇÔÇÑ ÀÌÈÄ ¹öÀüÀ» »ç¿ëÇÏ´Â ½Ã½ºÅÛ
o CVE-2018-6922
   - 11.2-RELEASE-p1, 11.1-RELEASE-p12 ¹× 10.4-RELEASE-p10 ÀÌÀüÀÇ ¸ðµç FreeBSD ¹öÀü

¡à ÇØ°á ¹æ¾È
o ÇØ´ç Ãë¾àÁ¡¿¡ ÇØ´çµÇ´Â Ä¿³Î ¹öÀü »ç¿ëÀÚ´Â ÃֽŹöÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ¼öÇà
o º¸¾È ¾÷µ¥ÀÌÆ®°¡ °ø°³µÈ ¿î¿µÃ¼Á¦¸¦ ¿î¿µÇÏ°í ÀÖÀ» °æ¿ì, Âü°í »çÀÌÆ®ÀÇ ³»¿ëÀ» ÂüÁ¶ÇÏ¿© º¸¾ÈÁ¶Ä¡ ¶Ç´Â ÃֽŠ¾÷µ¥ÀÌÆ® ¼öÇà
  - Debian [3]
   - Ubuntu [4]
   - Red Hat/CentOS [5]
   - SUSE/openSUSE [6]
   - FreeBSD [7]
  
¡à ±âŸ ¹®ÀÇ»çÇ×
o Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ: ±¹¹ø¾øÀÌ 118
  
[Âü°í»çÀÌÆ®]
[1] https://www.kb.cert.org/vuls/id/962459
[2] https://www.kb.cert.org/vuls/id/641765
[3] https://www.debian.org/security/
[4] https://usn.ubuntu.com/
[5] https://access.redhat.com/articles/3553061
[6] https://download.suse.com/patch/finder/
[7] https://www.freebsd.org/security/advisories/FreeBSD-SA-18:08.tcp.asc
  

---------------------------------------------------------------------------

                    Áñ°Å¿òÀÌ Àִ ȣ½ºÆà ¼­ºñ½º  [ È£½ºÆ®¸ÕÆ® ]