[Security] Linux Kernel Upgrade 4.18.10 in LinuxMint LMDE3 -Cindy AMD64 PC

【Platform】Virtualbox in Windows7
【OS】LinuxMint LMDE3-Cindy
【Target】Debian-Unstable SID - 4.18.10 Kernel Developer Environments
【Reason】CVE-2018-17182 UAF+PoC 漏洞
$ sudo nano /etc/apt/sources.list.d/official-package-repositories.list

[Repo Add/Edit ]
#stretch-backports
deb http://opensource.nchc.org.tw/debian/ stretch-backports main contrib non-free
#deb http://ftp.tw.debian.org/debian/ stretch-backports main contrib non-free

# Stable
#deb http://opensource.nchc.org.tw/debian/ stable main contrib non-free
#deb-src http://ftp.debian.org/debian stable main contrib non-free

#stable-proposed-updates

# Testing
#deb http://opensource.nchc.org.tw/debian/ testing main contrib non-free
#deb-src http://ftp.debian.org/debian testing main contrib non-free

# Unstable-sid
deb http://opensource.nchc.org.tw/debian/ unstable main contrib non-free
#deb-src http://ftp.debian.org/debian unstable main contrib non-free

# Security updates
deb http://security.debian.org/ stable/updates main contrib non-free
deb http://security.debian.org/ testing/updates main contrib non-free
#deb-src http://security.debian.org/ stable/updates main contrib non-free
#deb-src http://security.debian.org/ testing/updates main contrib non-free

deb http://packages.linuxmint.com cindy main upstream import backport
#deb http://www.deb-multimedia.org stretch main non-free

3 File:
├─ linux-headers-4.18.0-2-amd64
├─ linux-headers-4.18.0-2-common
└─ linux-image-4.18.0-2-amd64

$ sudo apt-get update
$ sudo apt-get install -t  Unstable linux-{image,headers}-amd64
Reading package lists... Done
Building dependency tree
Reading state information... Done

The following additional packages will be installed:

  binutils binutils-common binutils-x86-64-linux-gnu cpp-7 gcc-7 gcc-7-base gcc-8-base libasan4 libatomic1 libbinutils libc-bin libc-dev-bin libc-l10n libc6 libc6-dev libcc1-0 libcilkrts5 libgcc-7-dev libgcc1 libgomp1 libisl19 libitm1 liblsan0 libmpc3 libmpfr6 libmpx2 libquadmath0 libtsan0 libubsan0  linux-compiler-gcc-7-x86
linux-headers-4.18.0-2-amd64
linux-headers-4.18.0-2-common
linux-image-4.18.0-2-amd64
linux-kbuild-4.18 locales

Suggested packages:

  binutils-doc gcc-7-locales gcc-7-multilib gcc-7-doc libgcc1-dbg libgomp1-dbg libitm1-dbg libatomic1-dbg libasan4-dbg liblsan0-dbg libtsan0-dbg libubsan0-dbg libcilkrts5-dbg libmpx2-dbg libquadmath0-dbg glibc-doc linux-doc-4.18 debian-kernel-handbook

The following NEW packages will be installed:

  binutils-common binutils-x86-64-linux-gnu cpp-7 gcc-7 gcc-7-base gcc-8-base libasan4 libbinutils libgcc-7-dev libisl19 libmpfr6 linux-compiler-gcc-7-x86 linux-headers-4.18.0-2-amd64 linux-headers-4.18.0-2-common linux-image-4.18.0-2-amd64 linux-kbuild-4.18

The following packages will be upgraded:

  binutils libatomic1 libc-bin libc-dev-bin libc-l10n libc6 libc6-dev libcc1-0 libcilkrts5 libgcc1 libgomp1 libitm1 liblsan0 libmpc3 libmpx2 libquadmath0 libtsan0 libubsan0 linux-headers-amd64 linux-image-amd64 locales

21 upgraded, 16 newly installed, 0 to remove and 1355 not upgraded.
Need to get 91.6 MB of archives.
After this operation, 398 MB of additional disk space will be used.

Boot Menu Update
$ sudo -s update-grub
$ sudo reboot -f

 Run a while if no Error occur then kill old kernel file
$ dpkg -l | grep linux-headers-4.9.*
$ sudo apt-get purge linux-headers-4.9.*
$ dpkg -l | grep linux-image-4.9.*
$ sudo apt-get purge linux-image-4.9.*
$ sudo apt-get autoremove
$ sudo apt-get autoclean

Reverse Check for No Error
$ sudo dpkg --configure -a

ps.
linux-4.18 network interface mustbe changed:
eth0 / eht1 /eth2  to  enp0s3 / enp0s8 / enp0s9
$ sudo ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::ef36:7274:9e9:fa66  prefixlen 64  scopeid 0x20
        ether 08:00:27:e2:db:e6  txqueuelen 1000  (Ethernet)
        RX packets 180443  bytes 220362361 (210.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 57264  bytes 3495393 (3.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.56.101  netmask 255.255.255.0  broadcast 192.168.56.255
        inet6 fe80::88c9:a184:5afe:6282  prefixlen 64  scopeid 0x20
        ether 08:00:27:8e:af:f3  txqueuelen 1000  (Ethernet)
        RX packets 1972  bytes 152854 (149.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2855  bytes 521255 (509.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s9: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::c9d1:6ca7:dda:b5b7  prefixlen 64  scopeid 0x20
        ether 08:00:27:d6:31:5e  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 345  bytes 55046 (53.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Related Article:
[OpenWrt][Security]CVE-2018-17182 UAF+PoC 漏洞修補
[Linux]Install TP-Link T4Uv3 Wifi USB3 Dongle in Debian-LinuxMint LMDE3-Cindy with Linux Kernel 4.18
2018-10-10 6:31 發佈
限制級
您即將進入之討論頁 需滿18歲 方可瀏覽。
根據「電腦網路內容分級處理辦法」修正條文第六條第三款規定,已於該限制級網頁,依台灣網站分級推廣基金會規定作標示。
評分
複製連結