A vulnerability was found in the Linux VFS that allows privilege escalation

A few days ago, news broke that a vulnerability had been identified (already catalogued as CVE-2022-0185) in the filesystem context API provided by the Linux kernel, which could allow a local user to gain root privileges on the system.

The problem is that an unprivileged user can obtain such permissions inside an isolated container if support for user namespaces is enabled on the system.

For example, user namespaces are enabled by default on Ubuntu and Fedora, but not on Debian and RHEL (unless container isolation platforms are in use). Besides privilege escalation, the vulnerability can also be used to break out of an isolated container if the container has the CAP_SYS_ADMIN capability.

The vulnerability is in the legacy_parse_param() function in the VFS and is caused by the lack of proper validation of the maximum size of the parameters supplied on file systems that do not support the filesystem context API.

Recently, several friends on my CTF team Crusaders of Rust and I encountered a 0-day Linux kernel heap overflow. We found the bug through fuzzing with syzkaller and quickly developed it into an Ubuntu LPE exploit. We then rewrote it to escape and root Google's hardened Kubernetes CTF infrastructure. This bug affects all kernel versions since 5.1 (5.16 is currently in progress) and has been assigned CVE-2022-0185. We have already reported this to the Linux distributions and security mailing list, and the bug has been fixed as of the release of this article.

Passing a parameter that is too large can overflow the integer variable used to calculate the size of the data being written; the code has an "if (len > PAGE_SIZE - 2 - size)" buffer overflow check, which does not work if the size value is greater than 4094, because of an integer overflow through the lower bound (integer underflow: converting 4096 - 2 - 4095 to unsigned int gives 2147483648).
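The check quoted above, modelled in user space as an added example (not the kernel's code and not the researchers'). It assumes a 4 KiB page and a simplified bookkeeping model in which each accepted parameter costs one separator byte plus its length; the function names and the addition-based comparison are illustrative.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SIZE 4096u /* assumption: 4 KiB page, as in the article's arithmetic */

/* The check as quoted in the article. The right-hand side is unsigned, so
 * once size exceeds PAGE_SIZE - 2 it wraps to a huge value and no len is
 * ever "too large". */
static bool flawed_check_rejects(unsigned int size, size_t len)
{
    return len > PAGE_SIZE - 2 - size;
}

/* Hardened comparison (illustrative): additions only, so nothing can wrap
 * below zero for the sizes involved. */
static bool safe_check_rejects(unsigned int size, size_t len)
{
    return (size_t)size + len + 2 > PAGE_SIZE;
}

/* Bookkeeping-only model (assumption): every accepted parameter costs one
 * separator byte plus len bytes in a PAGE_SIZE buffer. Nothing is written;
 * the function only reports how far past the page the offsets would run. */
static size_t bytes_past_page(const size_t *lens, size_t n, bool use_safe)
{
    size_t size = 0;
    for (size_t i = 0; i < n; i++) {
        bool reject = use_safe ? safe_check_rejects((unsigned int)size, lens[i])
                               : flawed_check_rejects((unsigned int)size, lens[i]);
        if (!reject)
            size += 1 + lens[i];
    }
    return size > PAGE_SIZE ? size - PAGE_SIZE : 0;
}

int main(void)
{
    const size_t lens[] = { 4094, 100 }; /* constructed sample lengths */
    printf("flawed check: %zu bytes past the page\n",
           bytes_past_page(lens, 2, false));
    printf("safe check:   %zu bytes past the page\n",
           bytes_past_page(lens, 2, true));
    return 0;
}
```

The first parameter fills the buffer to offset 4095, after which the subtraction-based check accepts any further length, while the addition-based form rejects it.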

When a specially crafted FS image is accessed, this bug allows the buffer to overflow and kernel data following the allocated memory area to be overwritten. Exploiting the vulnerability requires CAP_SYS_ADMIN rights, i.e. administrator authority.

As of 2022, our teammates resolved to find a 0-day in 2022. We weren't sure exactly how to get started, but since our team had a high degree of familiarity with Linux kernel vulnerabilities, we decided to just buy some dedicated servers and run Google's syzkaller fuzzer. On January 6 at 22:30 PM PST, chop0 received the following report of a KASAN failure in legacy_parse_param: slab-out-of-bounds Write in legacy_parse_param. It seems that syzbot found this issue just 6 days earlier while fuzzing Android, but the issue was left unhandled and we thought that no one else had noticed it.

Finally, it is worth mentioning that the problem has been present since Linux kernel version 5.1 and was fixed in the updates released a few days ago in versions 5.16.2, 5.15.16, 5.10.93 and 5.4.173.

In addition, package updates fixing the vulnerability have already been released for RHEL, Debian, Fedora and Ubuntu, while a fix is not yet available for Arch Linux, Gentoo, SUSE and openSUSE.

As a security workaround for systems that do not use container isolation, you can set the value of the sysctl "user.max_user_namespaces" to 0.

The researcher who identified the problem has published a demo of an exploit that allows running code as root on Ubuntu 20.04 in the default configuration. The exploit code is planned to be published on GitHub within a week after the distributions release an update that fixes the vulnerability.

Finally, if you are interested in knowing more about it, you can check the details in the following link.



  1.   A Galician said

    One more reason to touch snap with a stick.