Intel yakamisikidza 22 kudzvinyirira muiyo firmware yeayo server mamaboards

Intel bug

Intel yakazivisa kubviswa kwe22 kunetseka mune firmware yavo server mamaboards, server masisitimu uye komputa mamodule. Matambudziko matatu, chimwe chazvo inopihwa danho rakakosha inowanikwa mu firmware yeEmulex Pilot 3 BMC inoshandiswa neIntel zvigadzirwa.

BMC inyanzvi inoiswa pamaseva, chii tIyo ine yayo CPU, ndangariro, kuchengetedza, uye maficha probe yekuvhota, iyo inopa yakaderera-chikamu chinongedzo kutarisa uye kudzora server server.

Izvo zvinokuvadza zvinobvumidza kuwanikwa kusingazivikanwe kune manejimendi kodhi (KVM), pfuura nekusimbiswa paunenge uchiteedzera michina yekuchengetedza USB uye unokonzeresa buffer iri kure kufashukira muLinux kernel inoshandiswa neBMC.

Iyo CVE-2020-8708 kunetsekana inobvumira anorwisa ku kusasimbisa izvozvo pinda chikamu cheLAN chakagovaniswa neseva inotambura kuwana mukana kune iyo BMC yekudzivirira nharaunda. Izvo zvinoonekwa kuti hunyanzvi hwekushandisa hunyanzvi hwakareruka uye hwakavimbika, nekuti dambudziko rinokonzerwa nekanganiso yekuvaka.

Uyewo, maererano nemuongorori akaona kusasimba, shanda neBMC kuburikidza nekushandisa kuri nyore kwazvo pane kushandisa yakajairwa Java mutengi.

Iyo inokanganisa Hardware inosanganisira iyo Intel server system mhuri R1000WT, R2000WT, R1000SP, LSVRP, LR1304SP, R1000WF uye R2000WF, mamaboards S2600WT, S2600CW, S2600KP, S2600TP, S1200SP, S2600WF, SB2600ST ... Vulnerability 00 yakagadziriswa HS .

Zvinoenderana neasina kujeka data, iyo firmware yeBMC Emulex Pilot 3 yakanyorwa neAMI, nekudaro kuratidzwa kwekusakwanisa pane yechitatu-bato masystem hakusi kusiiwa.

Matambudziko aripo pazvimedu zvekunze kune iyo Linux kernel uye mushandisi nzvimbo yekudzora maitiro, iyo kodhi yacho inoratidzwa nemutsvagurudzo akaona dambudziko iri rakaipisisa kodhi raakasangana naro.

Nezve kumwe kusagadzikana kwakagadziriswa:

  • CVE-2020-8730: inokonzeresa kufashukira pane mamwe mabhodhi ayo anogona kubvumidza mushandisi akavimbiswa kuti agone kugonesa mukana wekuwedzera kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8731: Iwe unogona kubvumidza mushandisi akavimbiswa kuti agone kugonesa mukana wekuwedzera kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8707: Kufashukira kweBuffer kunogona kubvumidza mushandisi asina kuvimbiswa kuti akwanise kuwedzera kukoshesa kuburikidza nekuwana pedyo.
  • CVE-2020-8719: Buffer kufashukira mudanho renyowani inogona kubvumidza mushandisi ane rukudzo kuti agone kugonesa mukana wekuwedzera kuburikidza nekuwanika kwenzvimbo.
  • CVE-2020-8721: kusarudzika kwekuisa chokwadi kunogona kubvumidza mushandisi ane rombo rakanaka kuti akwanise kuwedzera kukoshesa kuburikidza nekuwana kwenzvimbo
  • CVE-2020-8710: Buffer kufashukira mu boot loader inogona kuve inogona kubvumidza mushandisi ane rombo rakanaka kuti akwanise mukana wekukwira kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8711: Isina kukodzera kuwana kudzora mubhuti rinotakura inogona kubvumidza mushandisi ane rombo rakanaka kuti akwanise kuwedzera kukoshesa kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8712: Buffer inopfachukira muchirongwa chekutarisa kwemamwe mabhodhi inogona kubvumidza mushandisi akavimbiswa kuti agone kugonesa mukana wekuwedzera kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8718: Buffer inopfachukira mune chikamu chediki chemamwe mabhodhi inogona kubvumidza mushandisi akavimbiswa kuti agone kugonesa mukana wekuwedzera kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8722: Buffer inopfachukira mune chikamu chediki chemamwe mabhodhi inogona kubvumidza mushandisi ane rombo rakanaka kuti akwanise kugonesa mukana kuburikidza nekuwana kwenzvimbo.
  • CVE-2020-8732: Murwi-wakavakirwa buffer kufashukira mu firmware inogona kubvumidza musina kuzivikanwa mushandisi kuti agone kugonesa mukana wekuwedzera kuburikidza padhuze kuwana.
  • CVE-2020-8709: Kuvimbika kusiri iko pamasevhisi esocket kune vamwe kunogona kubvumidza mushandisi asina kuvimbiswa kuti agone kugonesa kukwira kweropafadzo kuburikidza nekuwanika padhuze.
  • CVE-2020-8723: muchinjiro-saiti kunyorera kwemamwe mabhodhi kunogona kubvumidza mushandisi asina kuvimbiswa kuti agone kugonesa mukana wekuwedzera kuburikidza nepedyo kuwana.
  • CVE-2020-8713: Kuvimbiswa kusiri kwayo kwemamwe mabhodhi kunogona kubvumidza mushandisi asina kuvimbiswa kuti akwanise kuwedzera kukoshesa kuburikidza nekuwana pedyo.

Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako