Three vulnerabilities found in systemd-journald

systemd vulnerability

Three vulnerabilities were discovered that allow an unprivileged attacker to elevate their privileges on the system and run code as root inside systemd-journald, the logging component of systemd.

The vulnerabilities affect all distributions that use systemd, except SUSE Linux Enterprise 15, openSUSE Leap 15.0 and Fedora 28/29, in which the systemd components are compiled with "-fstack-clash-protection" enabled.

What are the vulnerabilities?

The vulnerabilities registered as CVE-2018-16864 and CVE-2018-16865 allow creating conditions for writing data outside the bounds of an allocated memory block, while the CVE-2018-16866 vulnerability allows reading the contents of out-of-bounds memory areas.

The researchers have prepared a working exploit prototype that uses the vulnerabilities CVE-2018-16865 and CVE-2018-16866.

Going into more detail about these vulnerabilities, the researchers tell us that the exploit obtains root access after ten minutes of attack on systems with the i386 architecture and seventy minutes on amd64 systems.

This exploit was tested on Debian 9.5.

They also explain that:

When writing the exploit, the Stack Clash technique is used, the essence of which is to create a condition in which the contents of the overflowed heap end up in the stack area or, conversely, the stack can overwrite the heap area.

This manifests in situations where the stack and the heap are placed close to each other (the stack area immediately follows the memory allocated to the heap).

The prepared exploit confirms the assumption that protection against Stack Clash class attacks at the Linux kernel level is insufficient.

At the same time, the attack is successfully blocked by rebuilding with GCC with the "-fstack-clash-protection" option enabled.

About the vulnerabilities

The CVE-2018-16864 vulnerability was discovered after analysing a situation in which passing a large number of command-line arguments (several megabytes) to applications that save data to the log via a syslog() call leads to a crash of the systemd-journald process.

The analysis showed that, by manipulating the string of command-line arguments, a controlled string can be placed at the beginning of the stack.

But for a successful attack it is necessary to bypass the stack guard page protection mechanism used in the kernel, the essence of which lies in replacing the boundary memory pages with pages that raise an exception (page fault).

To bypass this protection, systemd-journald is run in parallel in a "race condition", allowing time to take over the crashing process before the access to the read-only memory page.

In the course of studying the first vulnerability, two more problems emerged.

The second vulnerability, CVE-2018-16865, similarly allows creating Stack Clash overlap conditions by writing a very large message to the file /run/systemd/journal/socket.

The third vulnerability, CVE-2018-16866, manifests when a syslog message is sent with a trailing ":" character.

Due to an error in string parsing, the terminating '\0' after it is discarded and the record will contain part of the buffer beyond the '\0', allowing the attacker to learn the addresses of the stack and of the mmap region.
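The parsing mistake behind CVE-2018-16866, reduced to a small model as an added example (this is not systemd's code): strchr() matches a string's own terminating NUL, so a message whose last character is ':' makes the computed body offset step one byte past the end of the string, and the hardened variant checks for the terminator first. The function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define WHITESPACE " \t\n\r"

/* Constructed sample: a message ending in ':' followed, past its NUL, by
 * bytes that stand in for whatever happens to be adjacent in memory. */
static const char LEAK_SAMPLE[] = "foo:\0SECRET";

/* Parses an "ident: body" prefix and returns the offset of the body.
 * Vulnerable variant: strchr(WHITESPACE, '\0') matches WHITESPACE's own
 * terminator, so when the message ends in ':' the offset steps past the NUL. */
size_t parse_identifier_vulnerable(const char *buf) {
    size_t l = strcspn(buf, WHITESPACE);      /* length of the first token */
    if (l == 0 || buf[l - 1] != ':')
        return 0;                             /* no "ident:" prefix present */
    size_t e = l;
    if (strchr(WHITESPACE, buf[e]))           /* BUG: also true for buf[e] == '\0' */
        e++;
    return e;
}

/* Hardened variant: never consult strchr() with the terminator itself. */
size_t parse_identifier_fixed(const char *buf) {
    size_t l = strcspn(buf, WHITESPACE);
    if (l == 0 || buf[l - 1] != ':')
        return 0;
    size_t e = l;
    if (buf[e] != '\0' && strchr(WHITESPACE, buf[e]))
        e++;
    return e;
}

/* Returns 1 when the body offset still lies inside the string. */
int offset_in_bounds(const char *buf, size_t off) {
    return off <= strlen(buf);
}

/* Models building the log record: the body is whatever starts at the offset.
 * With the vulnerable offset that is the memory after the NUL, not the message. */
const char *message_body(const char *buf, size_t (*parse)(const char *)) {
    return buf + parse(buf);
}
```

Running message_body() over LEAK_SAMPLE with each parser shows the difference: the vulnerable offset yields "SECRET" from beyond the terminator, the fixed one yields an empty body.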

  • The CVE-2018-16864 vulnerability has been present since April 2013 (it appeared in systemd 203), but became exploitable only after a change made in systemd 230 in February 2016.
  • The CVE-2018-16865 vulnerability has been present since December 2011 (systemd 38) and became exploitable in April 2013 (systemd 201).
  • The CVE-2018-16864 and CVE-2018-16865 issues were fixed a few hours ago in the master branch of systemd.

The CVE-2018-16866 vulnerability appeared in June 2015 (systemd 221) and was fixed in August 2018 (it is not present in systemd 240).

The publication of the exploit has been postponed until the distributions release patches.

At present the vulnerabilities remain unpatched in the most popular distributions, such as Debian, Ubuntu, RHEL, Fedora, SUSE and their derivatives.



  1. luix said:

    systemd sucks!

  2. fira kutenda said:

    init freedom… yes!!!!