Kwanan nan labari ya bazu cewa wani mai binciken tsaro ya gano wani mummunan rauni (wanda aka riga aka jera a ƙarƙashin CVE-2021-43267) a cikin aiwatar da yarjejeniyar hanyar sadarwa ta TIPC wanda aka kawo a cikin Linux kernel, wanda ke ba da damar aiwatar da lamba mai nisa tare da gatan kwaya ta hanyar aika fakitin cibiyar sadarwa na musamman.
An rage haɗarin matsalar ta gaskiyar cewa harin yana buƙatar ba da damar tallafin TIPC a sarari akan tsarin (ta hanyar lodawa da daidaita tsarin kernel tipc.ko), wanda ba a yi ta tsohuwa akan rarrabawar Linux ba.
CodeQL injin bincike ne wanda ke ba ku damar gudanar da tambayoyi akan lambar ku. Ta fuskar tsaro, wannan na iya ba ka damar nemo lahani ta hanyar kwatanta kamanninsu. CodeQL zai ci gaba da rayuwa kuma ya nemo duk yanayin rashin lafiyar.
An goyan bayan TIPC tun Linux 3.19 kwaya, amma lambar da ke haifar da raunin an haɗa shi a cikin kwaya ta 5.10.. Ericsson ne ya ƙera ƙa'idar TIPC ta asali, an yi niyya don tsara hanyoyin sadarwa a cikin gungu kuma ana kunna ta musamman akan nodes na tari.
TIPC na iya aiki duka akan Ethernet da UDP ( tashar sadarwa 6118). A cikin yanayin aiki ta hanyar Ethernet, ana iya kai harin daga cibiyar sadarwar gida, da kuma lokacin amfani da UDP, daga hanyar sadarwa ta duniya, idan tashar wuta ba ta rufe tashar jiragen ruwa. Har ila yau, mai amfani na gida zai iya kai harin ba tare da gata ga mai gida ba. Don kunna TIPC, dole ne ku ɗora nauyin tipc.ko kernel module kuma saita hanyar haɗin yanar gizon ta amfani da netlink ko mai amfani na tipc.
Ana aiwatar da ƙa'idar a cikin tsarin kernel wanda aka haɗa tare da duk manyan rarrabawar Linux. Lokacin da mai amfani ya ɗora shi, ana iya amfani da shi azaman mai haɗawa kuma ana iya saita shi a cikin keɓancewa ta amfani da netlink (ko ta amfani da tipc ɗin sararin samaniya, wanda zai yi waɗannan kiran netlink) azaman mai amfani mara gata.
Ana iya saita TIPC don yin aiki akan ƙa'idar mai ɗaukar hoto kamar Ethernet ko UDP (a cikin yanayin ƙarshe, kernel yana sauraron tashar jiragen ruwa 6118 don saƙonni masu shigowa daga kowace na'ura). Tun da ƙananan mai amfani ba zai iya ƙirƙirar firam ɗin ethernet ba, saita mai ɗauka zuwa UDP yana sauƙaƙa rubuta amfani na gida.
Rashin lahani yana bayyana kansa a cikin aikin tipc_crypto_key_rc kuma yana faruwa ta rashin ingantaccen tabbaci na wasiƙun da ke tsakanin abin da aka kayyade a cikin taken da ainihin girman bayanan lokacin da ake nazarin fakiti masu nau'in MSG_CRYPTO da ake amfani da su don samun maɓallan ɓoyewa daga wasu nodes ɗin da ke cikin cluster don daga baya a ɓoye saƙon da aka aika daga waɗannan nodes.
Ana ƙididdige girman bayanan da aka kwafi zuwa ƙwaƙwalwar ajiya azaman bambanci tsakanin ƙimar filayen tare da girman saƙon da girman taken, amma ba tare da la'akari da girman girman sunan algorithm ɗin da aka watsa ba. a cikin sakon da abin da ke cikin mabudin.
Ana ɗauka girman sunan algorithm ɗin an daidaita shi, kuma ƙari da haka an ƙaddamar da sifa daban tare da girman don maɓalli, kuma maharin na iya ƙididdige ƙima a cikin wannan sifa wacce ta bambanta da ainihin ƙimar, wanda zai haifar da rubutawa zuwa ga. layin saƙon a waje da keɓaɓɓen buffer.
An daidaita raunin a cikin kernels 5.15.0, 5.10.77 da 5.14.16, ko da yake matsalar ta bayyana kuma har yanzu ba a gyara ba a cikin Debian 11, Ubuntu 21.04 / 21.10, SUSE (a cikin reshen SLE15-SP4 ba tukuna ba), RHEL (ba a yi cikakken bayani ba idan an sabunta bayani mai rauni) da Fedora.
Ko da yake An riga an fitar da sabuntawar kwaya don Arch Linux da rarrabawa tare da kernels kafin 5.10, kamar Debian 10 da Ubuntu 20.04, ba su da tasiri.
Finalmente idan kuna sha'awar ƙarin sani game da shi, zaka iya duba bayanan A cikin mahaɗin mai zuwa.