Masu haɓaka AuroraOS tsarin aikin wayar hannu (cokulan tsarin aikin Sailfish, wanda kamfanin Open Mobile Platform ya haɓaka) raba gyara don yanayin rauni cewa sun gano a cikin memcpy. Kawar da yanayin rauni (CVE-2020-6096) a cikin Glibc, wanda ke nuna kansa kawai akan dandalin ARMv7.
Bayani game da yanayin rashin lafiyar ya bayyana a watan Mayu, amma har zuwa thean kwanakin da suka gabata, gyaran bai samu ba, duk da kasancewa an sanya larurar babban haɗari kuma akwai samfurin aiki na amfani hakan yana ba da damar tsara aiwatar da lambar.
Amfani ya shirya yana aiki yayin aiki a cikin memcpy () da memmove () ayyuka don takamaiman bayanan da aka tsara.
Mahimmancin Glibc shine wannan ɗakin karatun yana bayyana kiran tsarin da sauran ayyuka na asali ban da kasancewar kusan duk shirye-shirye suna amfani dasu.
Game da matsalar
Rashin lafiyar ya bayyana a aiwatar da memcpy () da memmove () a cikin harshen taro don ARMv7 kuma ya samo asali ne ta hanyar aiki mara kyau na ƙimar mizanin da ke ƙayyade girman yankin.
Matsaloli tare da ci gaban faci sun fara lokacin da SUSE da Red Hat suka ba da sanarwar cewa dandamali ba su da tasiri saboda matsalar, tunda basu tattara na tsarin 7-bit ARMv32 ba kuma basu shiga ƙirƙirar facin ba.
Masu haɓaka yawancin rarrabawa da alama sun amince da ƙungiyar Glibc, kuma su ma ba su da hannu cikin shirya facin.
Magani
Huawei ya ba da zaɓi ga faci toshe matsalar kusan nan da nan, wanda yayi ƙoƙarin maye gurbin umarnin mai haɗawa wanda ke aiki akan operands da aka sa hannu (bge da blt) tare da analogs marasa sa hannu (blo da bhs).
Masu kula da Glibc sun haɓaka ɗakin gwajin don gwada yanayi daban-daban don faruwar kuskure, bayan wanda ya kasance cewa facin Huawei bai dace ba kuma baya aiwatar da dukkan haɗakar data shigar dashi.
Tun da AuroraOS yana da 32-bit gini don ARM, ku masu haɓakawa sun yanke shawarar rufe yanayin rauni da kansu da kuma samar da mafita ga al'umma.
Matsalar ita ce, ya zama dole a rubuta aiwatarwa mai tasiri mai tattara aikin kuma la'akari da zaɓuɓɓuka da yawa don takaddun shigarwar.
An sake rubuta aiwatarwar ta amfani da umarnin da ba a sa hannu ba. Facin ya zama karami, amma babbar matsalar ita ce kiyaye saurin aiwatarwa da kuma kawar da lalacewar aiki daga memcpy da ayyukan memmove, yayin kiyaye daidaituwa tare da duk haɗakar ƙimar shigarwa.
A farkon Yuni, an shirya mafita biyu, wucewa tsarin gwajin Glibc da dakin gwajin Aurora. A ranar 3 ga Yuni, an zaɓi ɗayan zaɓuɓɓukan kuma ƙaddamar zuwa jerin aikawasiku na Glibc.
Mako guda baya, an sake samar da wata hanyar makamancin wannan, wacce ta daidaita matsalar a cikin aiwatar da mulki da yawa, wanda Huawei ta taɓa ƙoƙarin gyarawa. Wata daya ya ɗauki gwaji da kuma halal bisa la'akari da mahimmancin facin.
A ranar 8 ga Yuli, an karɓi gyare-gyare a babban reshe na fitowar glibc 2.32 mai zuwa. Aikace-aikacen ya haɗa da faci biyu:
- Na farko don kafa ƙwaƙwalwar aikace-aikace Multiarch don ARMv7
- Na biyu don aiwatar da mempopy na memcpy () da memmove () don ARM.
Matsalar ta shafi miliyoyin na'urorin ARMv7 Linux kuma ba tare da ingantaccen sabuntawa ba, masu mallaka suna haɗarin haɗa su zuwa cibiyar sadarwar (ayyuka da aikace-aikacen da ake samu akan hanyar sadarwar waɗanda ke karɓar shigarwar ba tare da ƙuntataccen girma ba ana iya kaiwa hari).
Misali, shirin amfani ta masu binciken wanda gano yanayin rauni yana nuna yadda ake afkawa uwar garken http haɗe cikin tsarin bayanin motar ta hanyar aikawa da babban buƙatar GET da samun damar tushen tsarin.
Maganin kunshin Debian da Ubuntu har yanzu ba a sake su ba y yanayin rauni ya kasance ba a gyara shi ba kusan watanni biyu daga lokacin da aka bayyana jama'a da kuma watanni biyar daga lokacin da aka sanar da masu haɓaka Glibc.