GRUB2 and Secure Boot: a new vulnerability named BootHole is discovered


Nothing strange, zero drama... But another vulnerability has been discovered, CVE-2020-10713, which affects the GRUB2 bootloader and Secure Boot. A publication by the Eclypsium research team is behind this finding, which they have named BootHole. Even Microsoft has published an entry on its security portal warning about it and stating that it is a complicated problem for the time being.

BootHole is a vulnerability that affects billions of devices with GRUB2, and even some without GRUB2 that use Secure Boot, such as Windows. In the CVSS scoring system it is rated 8.2 out of 10, which means it is high risk. An attacker could exploit it to execute arbitrary code (including malware) introduced during the boot process, even with Secure Boot enabled.

That covers a great many network devices, servers, workstations, desktops and laptops, as well as other devices such as SBCs, some mobile devices, IoT devices, and so on.

Why did I start with zero drama? Simple: news items like this alarm people, but you should not worry too much. In the "real" world, this vulnerability is not easy to exploit. It does not allow remote code execution; otherwise it would be critical rather than serious. You can stay calm, because for the malicious code to run, the attacker must have access to the affected computer and also have privileges.

In addition, according to Eclypsium, it will be complicated to mitigate and it will take time for a solution to arrive. It will require an in-depth review of bootloaders, and vendors will have to release new versions of their bootloaders signed by the UEFI CA. It will take a coordinated effort among developers in the open source community, Microsoft, and other owners of affected systems to bring BootHole down.

In fact, they have drawn up a list of tasks needed to fix BootHole in GRUB2:

  • A patch to update GRUB2 and eliminate the vulnerability.
  • Linux distribution developers and other vendors releasing the updates to their users, at the level of GRUB2, installers, and shims.
  • The new shims must be signed by the Microsoft UEFI CA for third parties.
  • System administrators will of course have to update. That must include installed systems, installer images, and any recovery or boot media they have created.
  • The UEFI revocation list (dbx) also needs to be updated in the firmware of every affected system to prevent the code from running during boot.

The worst part is that when it comes to firmware, you have to be careful not to end up with problems and with computers left in a bricked state.
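The dbx step in the list above can be checked from the defender's side. The following added example (not from the original article or from Eclypsium) parses a dbx blob in the UEFI EFI_SIGNATURE_LIST format and tests whether a bootloader's Authenticode SHA-256 digest is revoked; the function names, the owner GUID and the sample digests are constructed for illustration.

```python
import hashlib
import struct
import uuid

# Signature type GUIDs defined by the UEFI specification.
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509 = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
HDR = 28  # SignatureType (16) + three little-endian UINT32 size fields

def parse_dbx_sha256(blob, efivarfs=False):
    """Return the SHA-256 digests held in a dbx blob (a run of EFI_SIGNATURE_LISTs)."""
    if efivarfs:  # files under /sys/firmware/efi/efivars start with 4 attribute bytes
        blob = blob[4:]
    digests, off = set(), 0
    while off < len(blob):
        if len(blob) - off < HDR:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])  # EFI GUIDs are mixed-endian
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < HDR + hdr_size or off + list_size > len(blob):
            raise ValueError("SignatureListSize does not fit the data")
        body = blob[off + HDR + hdr_size:off + list_size]
        if sig_type == EFI_CERT_SHA256:
            if sig_size != 48 or len(body) % 48:
                raise ValueError("malformed SHA-256 signature list")
            # Each entry is a 16-byte SignatureOwner GUID followed by the digest.
            digests.update(body[i + 16:i + 48] for i in range(0, len(body), 48))
        off += list_size  # other types (e.g. X.509 certificates) are skipped
    return digests

def is_revoked(authenticode_sha256, dbx_blob, efivarfs=False):
    """True if the image digest is listed. dbx stores Authenticode (PE image)
    digests, not the SHA-256 of the whole file."""
    return authenticode_sha256 in parse_dbx_sha256(dbx_blob, efivarfs)

def build_list(sig_type, owner, entries):
    """Serialize one EFI_SIGNATURE_LIST (helper for the constructed sample)."""
    body = b"".join(owner.bytes_le + e for e in entries)
    sizes = struct.pack("<III", HDR + len(body), 0, 16 + len(entries[0]))
    return sig_type.bytes_le + sizes + body

# Constructed sample data: placeholder digests, not real revocation entries.
OWNER = uuid.UUID("11111111-2222-3333-4444-555555555555")
OLD_LOADER = hashlib.sha256(b"constructed vulnerable loader").digest()
NEW_LOADER = hashlib.sha256(b"constructed patched loader").digest()
SAMPLE_DBX = (b"\x27\x00\x00\x00"  # constructed efivarfs attribute prefix
              + build_list(EFI_CERT_X509, OWNER, [b"constructed DER bytes"])
              + build_list(EFI_CERT_SHA256, OWNER, [OLD_LOADER]))
```

On a Linux system booted via UEFI, the real variable can be read from `/sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f` and passed in with `efivarfs=True`.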

For now, companies such as Red Hat, HP, Debian, SUSE, Canonical, Oracle, Microsoft, VMWare, Citrix, the UEFI Security Response Team and OEMs, as well as software vendors, have already started working to resolve it. However, we will have to wait to see the first patches.

UPDATE

But underestimating the effectiveness of the developers and the community would be foolish. There are already several candidate patches to mitigate it, coming from companies such as Red Hat, Canonical, etc. They have made this issue a top priority and it is paying off.

The problem? The problem is that these patches are causing additional problems. It reminds me of what happened with the Meltdown and Spectre patches, where sometimes the cure is worse than the disease...

