27 ga Janairun da ya gabata, mako guda kawai a yau, mun yi amsa kuwwa game da yanayin rauni a cikin Sudo wanda ya shafi tsarin aikin Linux. Wannan shine abin da muka fahimta, saboda yadda suka bayyana shi, daga bayanan hukuma, inda suka ambaci Ubuntu, Debian da Fedora a matsayin tsarin da abin ya shafa. Sun kuma ambata cewa mai yiwuwa ya shafi sauran rarraba shi ma, kuma a yau mun sami labarin cewa daga cikin tsarin aiki da abin ya shafa har ila yau wasu sun dogara ne da UNIX, kamar BSD da macOS na Apple.
Qualys, wani kamfani da ke California ne ya gano yanayin rashin lafiyar, ko kuma musamman sun kasance waɗanda suka sami damar amfani da wani rauni wanda ya kasance kimanin shekaru goma. Masu amfani da Linux an riga an kare su, amma har yanzu masu amfani da macOS ba su da kariya. An tabbatar da wannan ta hanyar Matthew Hickey, daga gidan Hacker, yana tabbatar da cewa rashin lafiyar sudo hakan kuma yana shafar tsarin da Macs ke amfani da shi.
Mafi wahalar gyarawa akan macOS fiye da kan Linux
CVE-2021-3156 shima yana tasiri @apel MacOS Big Sur (wanda ba a haɗa shi ba a yanzu), zaku iya ba da damar yin amfani da batun ta hanyar haɗa sudo zuwa sudoedit sannan kuma haifar da tuddai don haɓaka gatan mutum zuwa 1337 uid = 0. Nishaɗi don @ p0sixninja pic.twitter.com/tyXFB3odxE
- Dan Dandatsa Fantastic? (@kannywoodexclusive) Fabrairu 2, 2021
CVE-2021-3156 kuma yana shafar Apple's macOS Big Sur (wanda ba a haɗa shi ba a halin yanzu), zaku iya amfani da matsalar ta hanyar alakanta sudo da alamar sudoedit sannan kunna tarin yawa don samun gata daga ɗaya zuwa 1337 uid = 0. Nishaɗi don @ p0sixninja.
Daga abin da zamu iya karantawa a cikin Asusun Twitter na Hickey, shi ne ɗayan ɓarnar ɓarna a cikin tarihin UNIX / Linuxkamar yadda ya shafi Linux kuma yana ci gaba da shafar macOS, Solaris, da sauran tsarin da ba glibc ba. Kuma game da tsarin Apple, masu ci gaba na iya ƙirƙirar facin, amma har yanzu yana iya ɗaukar ɗan lokaci kafin kamfanin ya yi amfani da shi a tsarin aikin sa. Yana tasiri har zuwa macOS 11.2.
Ga wasu masu haɓaka, kamar ossreserver, suna ganin abin dariya cewa, kodayake sun san yadda zasu gyara da kansu, ba za su iya yi ba saboda haƙƙoƙin keɓaɓɓu, don haka dole ne su jira Apple ya saki sabuntawa don magance bug da aka gyara Linux a cikin mako guda. Kuma wannan yana daga cikin fa'idojin amfani da software kamar wanda muke amfani dashi anan.