Andrey Konovalov ya bayyana ƙarin kwari 15 a cikin Linux kernel USB drivers

Darkcrizt

4 minti

Kebul na Linux

Andrew Konovalov mai binciken tsaro na Google kwanan nan ta buga rahoto kan ganewar rauni 15 (KASHE-2019-19523 - CVE-2019-19537) a kan direbobin USB da aka bayar a cikin kernel na Linux. Wannan shi ne kashi na uku na matsalolin da aka samo yayin gwajin buɗaɗɗen iska na kebul na USB a cikin kunshin syzkaller wanda a baya, wannan mai binciken ya riga ya ba da rahoton raunin 29 kuma wanda mun riga mun yi sharhi a nan a kan shafin yanar gizon.

Mai binciken tsaro ya bayyana batutuwan da aka bayyana a baya cewa waɗannan kurakuran na iya yuwuwar amfani yayin da aka shigar da kebul na USB na musamman a cikin kwamfuta.

Hari zai yiwu idan akwai hanyar shiga kwamfutar ta zahiri kuma yana iya haifar da aƙalla ƙaran kwaya ɗaya, amma ba a cire wasu bayyanannu (alal misali, don irin wannan yanayin da aka gano a cikin 2016, direban USB snd-usbmidi ya sami damar shirya wani amfani don aiwatar da lambar a matakin kernel).

A cikin wannan sabon rahoton by Tsakar Gida Jerin ya kunshi lahani kawai da aka samu ta hanyar isa ga yankunan tuni da aka 'yanta (amfani-bayan-kyauta) ko jagorantar kwararar bayanai daga ƙwaƙwalwar ajiyar kernel.

Batutuwan da za'a iya amfani dasu don ƙin sabis ba a sa su a cikin rahoton ba. Ana iya amfani da raunin lokacin da aka haɗa keɓaɓɓiyar kebul ɗin USB an haɗa su da kwamfuta. Gyara duk matsalolin da aka ambata a cikin rahoton an riga an haɗa su a cikin kwaya, amma wasu kwari waɗanda ba a haɗa su a cikin rahoton ba a gyara su ba tukuna.

Bugarin kwari da ke cikin direbobin USB na kernel na USB waɗanda za a iya haifar da wata mummunar USB ta waje an samo su tare da syzkaller… Duk waɗannan kwari an gyara su sama (amma sauran sauran kwari na syzbot USB ba a gyara su ba)

Mafi haɗarin haɗari don amfani da shi bayan sakin wannan wanda zai iya haifar da aiwatar da lambar harin da aka gyara a cikin direbobin adutux, ff-memless, ieee802154, pn533, hiddev, iowarrior, mcba_usb da yurex.

A karkashin CVE-2019-19532, an taƙaita ƙarin raunin 14 a cikin direbobin HID saboda kurakurai marasa iyaka. Masu kula ttbb_dec, pcan_usb_fd da pcan_usb_pro sun ci karo da batutuwan da ke haifar da yoyon bayanan daga ƙwaƙwalwar ajiyar kernel. Kundin kebul na USB don aiki tare da na'urorin haruffa ya gano batun (CVE-2019-19537) wanda ya faru sakamakon yanayin tsere.

CVE-2019-19523

- A cikin kernel na Linux kafin 5.3.7, akwai kuskuren amfani wanda kwayar USB mai cutarwa zata iya haifar dashi en direbobi / usb / misc / adutux.c, wanda kuma aka sani da CID-44efc269db79.

CVE-2019-19524

A cikin kernel na Linux kafin 5.3.12, akwai kuskuren amfani wanda zai iya haifar da mummunan na'urar USB a cikin direba / input/ff-memless.c, wanda aka fi sani da CID-fa3a5a1880c9.

CVE-2019-19532

A cikin kernel na Linux kafin 5.3.9, akwai kurakurai da yawa da aka rubuta wanda kuskuren na'urar USB a cikin Linux kernel HID direbobi, wanda aka fi sani da CID-d9d4b1e46d95. Wannan yana shafar:

direbobi / ɓoye / ɓoye-axff.c, direbobi / ɓoyayyen-ɓoye-dr.c, direbobi / ɓoye / ɓoye-emsff.c

direbobi / ɓoye / ɓoye-gaff.c, direbobi / ɓoye / ɓoye-holtekff.c

direbobi / ɓoye / ɓoye-lg2ff.c, direbobi / ɓoye / ɓoye-lg3ff.c

direbobi / ɓoye / ɓoye-lg4ff.c, direbobi / ɓoyayye / ɓoye-lgff.c

direbobi / ɓoye / ɓoye-logitech-hidpp.c, direbobi / ɓoyayye / ɓoye-microsoft.c

direbobi / ɓoye / ɓoye-sony.c, direbobi / ɓoye / ɓoye-tmff.c

direbobi / ɓoye / ɓoye-zpff.c.

Hakanan zamu iya lura da gano raunin huɗu (CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901) a kan mai sarrafawa don kwakwalwan mara waya na Marvell, wanda na iya haifar da ambaliyar ajiya.

Ana iya aiwatar da hari daga nesa aika firam da aka tsara ta wata hanya lokacin haɗawa zuwa hanyar samun mara waya ta maharin. Barazanar da ta fi dacewa ita ce musanta sabis na nesa (haɗuwar kernel), amma ba a cire yiwuwar yin lambar aiki a kan tsarin ba.

A halin yanzu matsalolin da ba a gyara ba waɗanda tuni aka bayyana su kwanaki da yawa da suka gabata a cikin rarrabawar (Debian, Ubuntu, Fedora, RHEL, SUSE) tuni suna aiki don gyara kurakuran. Kodayake an riga an gabatar da facin don haɗawa cikin Kernel na Linux don sigogin na gaba.

Idan kana son karin bayani game da kurakuran da aka samo, zaku iya tuntuɓar asalin littafin a cikin link mai zuwa kuma wannan wani mahada.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.

  1.   Aritz m
    sa 4 shekaru

    "A cikin kwayar Linux kafin 5.3.9, akwai da yawa daga cikin kurakuran rubuta kurakurai". Don Allah a gyara, Dauda.

    Amsa wa Aritz