A bug found in the kernel's AF_PACKET, and text scrolling removed from the console

 

An issue was recently disclosed in the AF_PACKET subsystem of the Linux kernel that allows a local unprivileged user to run code as root, or to escape from isolated containers if they have root access.

The published information states that the CAP_NET_RAW capability is required to create an AF_PACKET socket and exploit the vulnerability.

However, it is noted that an unprivileged user can obtain that permission inside containers created on systems where user namespaces are enabled.

For example, user namespaces are enabled by default in Ubuntu and Fedora, but are not enabled in Debian and RHEL. On Android, the mediaserver process has permission to create AF_PACKET sockets, and the vulnerability can be exploited through it.

About the vulnerability in AF_PACKET

The vulnerability is present in the tpacket_rcv function and is caused by an error in calculating the netoff variable.

An attacker can create conditions under which a value smaller than maclen is written to the netoff variable. This causes an overflow when "macoff = netoff-maclen" is calculated, and the pointer into the buffer for incoming data may then be set incorrectly.

As a result, an attacker can trigger a write of 1 to 10 bytes to an area outside the allocated buffer.
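A simplified model of the calculation described above, added here as an illustration (it is not kernel code and not code from the original article). The 16-bit width of the unchecked result, the 2048-byte frame size and the function names are assumptions of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FRAME_SIZE 2048u   /* constructed frame size for this model */

/* Unchecked form of "macoff = netoff - maclen", stored in a 16-bit
 * field (assumption of the model). It wraps when netoff < maclen. */
static uint16_t macoff_unchecked(uint16_t netoff, uint16_t maclen)
{
    return (uint16_t)(netoff - maclen);
}

/* Hardened form: compute in a wider type, refuse a subtraction that
 * would wrap, and require that writing `len` bytes at the resulting
 * offset stays inside the frame. */
static bool macoff_checked(uint32_t netoff, uint32_t maclen, size_t len,
                           uint32_t *macoff)
{
    if (netoff < maclen)
        return false;                    /* subtraction would underflow */
    uint32_t off = netoff - maclen;
    if (off > FRAME_SIZE || len > FRAME_SIZE - off)
        return false;                    /* write would leave the frame */
    *macoff = off;
    return true;
}

int main(void)
{
    uint32_t off = 0;

    /* Constructed values: netoff smaller than maclen. */
    printf("unchecked macoff: %u (frame is %u bytes)\n",
           (unsigned)macoff_unchecked(8, 14), FRAME_SIZE);

    bool ok = macoff_checked(8, 14, 10, &off);
    printf("checked, netoff < maclen: %s\n", ok ? "accepted" : "rejected");

    ok = macoff_checked(80, 14, 10, &off);
    printf("checked, normal case: %s, macoff=%u\n",
           ok ? "accepted" : "rejected", (unsigned)off);
    return 0;
}
```

The unchecked result lands far beyond the end of the frame, which is why both the subtraction and the final offset need a bounds check before the buffer pointer is used.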

The flaw has been present in the kernel since July 2008, that is, in all current kernels. However, the now-known ability to use it to write to an area outside the allocated buffer (the vulnerability) was presumably introduced in February 2016 (kernel version 4.6-rc1 and later), along with the development of virtio_net support.

As for the fix for the problem, it is still available as a patch. In addition, it is noted that an exploit is being developed that allows root rights to be obtained on the system.

Those who want to know whether the fix is already available for their distribution can follow the appearance of package updates in the various distributions on the following pages: Ubuntu, Fedora, SUSE, Debian, RHEL, Arch.

Text console scrolling support has been removed

Also on the subject of the Linux kernel, it was announced that the text scrolling code has been removed from the text console implementation in the Linux kernel (CONFIG_VGACON_SOFT_SCROLLBACK).

The code was removed because of bugs that there was nobody to fix, owing to the lack of a maintainer overseeing vgacon development.

A few months ago a vulnerability was found and fixed in vgacon (CVE-2020-14331) that could cause a buffer overflow due to the lack of proper checks on the memory available in the scrollback buffer. The vulnerability attracted the attention of developers, who set up fuzzing tests of the vgacon code in syzbot.

In addition, further analysis revealed several more similar problems in the vgacon code, as well as problems in the software scrolling implementation in the fbcon driver.

Unfortunately, the problematic code was left unmaintained for a long time, presumably because developers switched to graphical consoles and text consoles fell out of use (people continue to use the vgacon and fbcon consoles, but they have not been the kernel's main interface for decades, and features such as the driver's built-in scrolling (Shift + PgUp / PgUp) are probably in low demand).

For this reason, Linus Torvalds decided not to try to maintain the unclaimed code, but simply to remove it.

Finally, it is mentioned that if there are users who need this functionality, the code supporting scrolling in the console will be returned to the kernel as soon as there is a maintainer ready or willing to take its maintenance into their own hands, that is, someone willing to devote time to it.

