cve-2015-0235 Experimental Records

All-in-one machine &linux server vulnerability Analysis Patch! linux:5.x Cell storage:11.2.3.1.1




#漏洞需要的补丁包:
glibc-2.5-123.0.1.el5_11.1.i686.rpm
glibc-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-common-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-devel-2.5-123.0.1.el5_11.1.i386.rpm
glibc-devel-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-headers-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-utils-2.5-123.0.1.el5_11.1.x86_64.rpm
nscd-2.5-123.0.1.el5_11.1.x86_64.rpm


#漏洞补丁包:
http://public-yum.oracle.com/repo/OracleLinux/OL5/latest/x86_64/.


#漏洞修补准备:
[Email protected] ~]# mkdir 20150227
[[Email protected] ~]# CD 20150227/
/root/20150227
[Email protected] 20150227]# rpm-qa--queryformat= "%{name}-%{version}-%{release}.%{arch}\n" | Egrep ' GLIBC|NSCD ' > Bak1


#检测操作系统是否有漏洞:
[Email protected] 20150227]# uname-r
2.6.18-274.el5
[Email protected] 20150227]# sh check.sh
Vulnerable glibc version <= 2.17-54
Vulnerable glibc version <= 2.5-122
Vulnerable glibc version <= 2.12-1.148
Detected GLIBC version 2.5 revision 65
This system was vulnerable to cve-2015-0235. Update the glibc and NCSD packages on your system using the packages released with the following:
Yum Install glibc
[Email protected] 20150227]#


#上传补丁
[Email protected] 20150227]# mkdir/tmp/glibc-update
[Email protected] 20150227]# cd/tmp/glibc-update
[email protected] glibc-update]# LL
-rw-r--r--1 root root 5647080 Feb glibc-2.5-123.0.1.el5_11.1.i686.rpm
-rw-r--r--1 root root 5007817 Feb glibc-2.5-123.0.1.el5_11.1.x86_64.rpm
-rw-r--r--1 root root 17291271 Feb glibc-common-2.5-123.0.1.el5_11.1.x86_64.rpm
-rw-r--r--1 root root 2164300 Feb glibc-devel-2.5-123.0.1.el5_11.1.i386.rpm
-rw-r--r--1 root root 2547507 Feb glibc-devel-2.5-123.0.1.el5_11.1.x86_64.rpm
-rw-r--r--1 root root 616895 Feb glibc-headers-2.5-123.0.1.el5_11.1.x86_64.rpm
-rw-r--r--1 root root 143204 Feb glibc-utils-2.5-123.0.1.el5_11.1.x86_64.rpm
-rw-r--r--1 root root 182696 Feb nscd-2.5-123.0.1.el5_11.1.x86_64.rpm


#关闭相关服务Steps to power down or reboot a cell without affecting asm:note 1188080.1


1) By default, ASM drops a disk shortly after it is taken offline; However, can set the Disk_repair_time attribute to prevent this operation by specifying a time
Interval to repair the disk and bring it back online. The default Disk_repair_time attribute value of 3.6h should is adequate for most environments
(a) To check repair times for all mounted disk groups-log into the ASM instance and perform the following query:
Sql> Select Dg.name,a.value from V$ASM_DISKGROUPDG, V$asm_attribute a where dg.group_number=a.group_number and A.name = ' Disk_repair_time ';
(b) If you need to offline the ASM disks for more than the default time of 3.6 hours then adjust the parameter by issuing the Command below as an example:
sql> ALTER diskgroup DATA SET ATTRIBUTE ' disk_repair_time ' = ' 8.5H ';


2) Next you'll need to check if ASM would be OK if the grid disks go OFFLINE. The following command should return ' Yes ' for the grid disks being listed:
CELLCLI-E list Griddisk attributes Name,asmmodestatus,asmdeactivationoutcome
CELLCLI-E Alter Griddisk all inactive
CELLCLI-E list Griddisk attributes name where asmdeactivationoutcome! = ' Yes '


[Email protected] glibc-update]# rpm-fvh/tmp/glibc-update/*rpm
Warning:/tmp/glibc-update/glibc-2.5-123.0.1.el5_11.1.i686.rpm:header V3 DSA signature:nokey, key ID 1e5e0159
Preparing ... ########################################### [100%]
1:glibc-common ########################################### [14%]
2:GLIBC ########################################### [29%]
3:NSCD ########################################### [43%]
4:glibc-headers ########################################### [57%]
5:glibc-devel ########################################### [71%]
6:GLIBC ########################################### [86%]
7:glibc-devel ########################################### [100%]




# check.sh The file is shown at the bottom:
[Email protected] 20150227]# sh check.sh
Vulnerable glibc version <= 2.17-54
Vulnerable glibc version <= 2.5-122
Vulnerable glibc version <= 2.12-1.148
Detected GLIBC version 2.5 revision 123
Not vulnerable.


[Email protected] 20150227]# CELLCLI
Cellcli:release 11.2.3.2.0-production on Fri Feb 09:31:29 CST 2015
Copyright (c), +, Oracle. All rights reserved.
Cell Efficiency ratio:1,000
Cellcli> alter cell shutdown services all
Stopping the RS, cellsrv, and MS services ...
The SHUTDOWN of services was successful.


[Email protected] 20150227]# shutdown-r-y now
Broadcast message from root (PTS/2) (Fri Feb 27 09:33:06 2015):
The system is going down for reboot now!
[Email protected] 20150227]#




Note: You must restart the operating system immediately after you have patched the patch, otherwise the app business may not be available.


[Email protected] 20150227]# CELLCLI
Cellcli:release 11.2.3.2.0-production on Fri Feb 09:38:06 CST 2015
Copyright (c), +, Oracle. All rights reserved.
Cell Efficiency ratio:1,000
Cellcli> Alter cell startup services all
Starting the RS, Cellsrv, and MS services ...
Getting the state of RS services ... running
Starting Cellsrv Services ...
The STARTUP of CELLSRV services was successful.
Starting MS Services ...
The STARTUP of MS services was successful.


Cellcli> List Cell
localhost online
Cellcli> List Cell Detail
Name:localhost
Bbutempthreshold:60
bbuchargethreshold:800
Bmctype:absent
Cellversion:oss_11.2.3.2.0_linux. x64_120713
cpucount:0
Diaghistorydays:7
Fancount:1/1
Fanstatus:normal
Flashcachemode:writethrough
Id:029e8a73-bcc2-4759-bed1-c596778dbca8
interconnectcount:0
iormboost:0.0
Ipaddress1:192.168.175.138/24
Kernelversion:2.6.18-274.el5
Makemodel:fake Hardware
Metrichistorydays:7
offloadefficiency:1,000.0
Powercount:1/1
Powerstatus:normal
releaseversion:11.2.3.2.0
releasetrackingbug:14212264
Status:online
temperaturereading:0.0
Temperaturestatus:normal
Uptime:0 days, 0:00
Cellsrvstatus:running
Msstatus:running
Rsstatus:running
Cellcli> List Griddisk
Date_cd_disk01_localhost Inactive
Date_cd_disk02_localhost Inactive
Date_cd_disk03_localhost Inactive
Date_cd_disk04_localhost Inactive
Date_cd_disk05_localhost Inactive
Date_cd_disk06_localhost Inactive
Cellcli> Alter Griddisk all active
Griddisk Date_cd_disk01_localhost successfully altered
Griddisk Date_cd_disk02_localhost successfully altered
Griddisk Date_cd_disk03_localhost successfully altered
Griddisk Date_cd_disk04_localhost successfully altered
Griddisk Date_cd_disk05_localhost successfully altered
Griddisk Date_cd_disk06_localhost successfully altered
Cellcli> List Griddisk
Date_cd_disk01_localhost Active
Date_cd_disk02_localhost Active
Date_cd_disk03_localhost Active
Date_cd_disk04_localhost Active
Date_cd_disk05_localhost Active
Date_cd_disk06_localhost Active
Cellcli>


############################################################################################################### ######################
If a rollback is required, the it should be do with Oracle support guidance via an SR.
The information gathered in step 1 above should is provided to the SR.
For all-in-one patching, if patching fails, you need to ask SR:


Note:
We recommend that you create an emergency image using MAKE_CELLBOOT_USB. Cd/opt/oracle. SupportTools./make_cellboot_usb
If the cell installation fails, you can use a backup of the USB flash drive to recover: However, this experiment does not simulate the need for additional technical support. One-machine (x2-2) upgrade takes a conservative estimate of 6-12 hours.
For other Linux database servers, install the system patch reboot system directly. Normal database library server patching takes about 1 hours.






[Email protected] 20150227]# more check.sh
#!/bin/bash
Vercomp () {
if [[$ = = $]]
Then
return 0
Fi
Local ifs=.
Local I ver1= ($) ver2= ($)
# Fill empty fields in ver1 with zeros
For ((i=${#ver1 [@]}; i<${#ver2 [@]}; i++))
Do
Ver1[i]=0
Done
for ((i=0; i<${#ver1 [@]}; i++))
Do
if [[-Z ${ver2[i]}]
Then
# Fill empty fields in ver2 with zeros
Ver2[i]=0
Fi
if ((10#${ver1[i]} > 10#${ver2[i]})
Then
Return 1
Fi
if ((10#${ver1[i]} < 10#${ver2[i]})
Then
Return 2
Fi
Done
return 0
}

glibc_vulnerable_version=2.17
glibc_vulnerable_revision=54
glibc_vulnerable_version2=2.5
glibc_vulnerable_revision2=122
glibc_vulnerable_version3=2.12
glibc_vulnerable_revision3=148
echo "Vulnerable glibc version <=" $GLIBC _vulnerable_version "-" $GLIBC _vulnerable_revision
echo "Vulnerable glibc version <=" $GLIBC _vulnerable_version2 "-" $GLIBC _vulnerable_revision2
echo "Vulnerable glibc version <=" $GLIBC _vulnerable_version3 "-1." $GLIBC _vulnerable_revision3

glibc_version=$ (rpm-q glibc | awk-f "[-.]" ' {print $ '. " $ $} ' | Sort-u)
if [[$glibc _version = = $glibc _vulnerable_version3]]
Then
glibc_revision=$ (rpm-q glibc | awk-f "[-.]" ' {print $} ' | Sort-u)
Else
glibc_revision=$ (rpm-q glibc | awk-f "[-.]" ' {print $4} ' | Sort-u)
Fi
echo "detected glibc version" $GLIBC _version "revision" $GLIBC _revision

vulnerable_text=$ "This system was vulnerable to cve-2015-0235. Update the glibc and NCSD packages on your system using the packages released with the following:
Yum Install glibc "

if [[$glibc _version = = $glibc _vulnerable_version]]
Then
Vercomp $glibc _vulnerable_revision $glibc _revision
elif [[$glibc _version = = $glibc _vulnerable_version2]]
Then
Vercomp $glibc _vulnerable_revision2 $glibc _revision
elif [[$glibc _version = = $glibc _vulnerable_version3]]
Then
Vercomp $glibc _vulnerable_revision3 $glibc _revision
Else
Vercomp $glibc _vulnerable_version $glibc _version
Fi

Case $? Inch
0) echo "$vulnerable _text";;
1) echo "$vulnerable _text";;
2) echo "not vulnerable.";;
Esac


############################################################################################################### ###########

cve-2015-0235 Experimental Records