Iyo yakagadzikana vhezheni yeOpenWrt 22.03.3 inosvika

openwrt

OpenWrt ndeye firmware yakavakirwa Linux kugovera yakamisikidzwa mumidziyo yakadai seyemunhu ma routers.

Kuburitswa kweiyo itsva yakagadzikana vhezheni yeOpenWrt 22.03.3 ichangobva kuziviswa, vhezheni iyo inouya ichimhanya zvikanganiso zvakasiyana iyo iyo Busybox, dnsmasq uye zvimwe zvigadziriso zvinomira pachena, mukuwedzera kune izvi, kumwe kuvandudzwa kwerutsigiro mune iyi vhezheni itsva zvakare kunomira pachena.

Kune avo vasingazive OpenWrt, iwe unofanirwa kuziva izvo uku kugoverwa kweLinux kwakagadzirirwa kushandiswa pane akasiyana manetiweki enetiwekisenge mairaira uye nzvimbo dzekuwana.

openwrt inotsigira akawanda mapuratifomu uye maumbirwo uye ine yekuvaka sisitimu iyo inokutendera iwe nyore uye zviri nyore kuyambuka-kuumbiridza, kusanganisira akawanda zvikamu mumusangano, zvichiita kuti zvive nyore kugadzira yakagadzirira-kushandisa firmware kana diski mufananidzo yakagadzirirwa mamwe mabasa neanodiwa seti yemapakeji pre- yakaiswa.

Nhau huru dzeWorldWrt 22.03.3

Mune iyi vhezheni itsva inounzwa kubva kuOpenWrt 22.03.3 inoratidzwa dzakasiyana-siyana system component upgrades, izvo tinogona kuwana shanduro dzakagadziridzwa dzeLinux kernel 5.10.161 (shanduro inowedzera mac80211 isina waya stack inotakurwa kubva mushanduro 5.15.81), strace 5.19, mbedtls 2.28.2, openssl 1.1.1s, wolfssl 5.5.4, util-linux 2.37.4, firewall4 2022-10-18, odhcpd 2023-01-02, uhttpd 2022-10-31, iwinfo 2022-12-15, ucode 2022-12-02.

Pamwe chete neLinux Kernel inotaurwawo kuti vakawedzera iyo nyowani kernel module mapakeji: kmod-sched-prio, kmod-sched-red, kmod-sched-act-police, kmod-sched-act-ipt, kmod-sched- pie, kmod-sched-drr, kmod-sched-fq-pie, kmod-sched-act-sample, kmod-nvme, kmod-phy-marvell, kmod-hwmon-sht3x, kmod-netconsole, uye kmod-btsdio.

Kune chikamu che tsigira kuvandudzwa Tinogona kuwana mune iyi vhezheni itsva inotsigira Ruckus ZoneFlex 7372/7321, ZTE MF289F, TrendNet TEW-673GRU, Linksys EA4500 v3 uye Wavlink WS-WN572HP3 4G zvishandiso zvakawedzerwa.

Pamusoro peizvi, isu tinogona zvakare kuwana kuti yeD-Link DIR-825 B1 marongero eiyo fekitori system mufananidzo uye akawedzera rootfs akawedzerwa. Nekusagadzikana, iyo firmware yeBroadcom 4366b1 chip yakawedzerwa kune iyo Asus RT-AC88U kuvaka.

Nezvekugadziriswa, tinogona kuona kuti dambudziko rekutanga loop kana uchishandisa LZMA bootloader pamidziyo NETGEAR EX6150, HiWiFi HC5962, ASUS RT-N56U B1, Belkin F9K1109v1, D-Link DIR-645, yakagadziriswa. D-Link DIR-860L B1, NETIS WF2881 uye ZyXEL WAP6805.

Zvinonzi zvakare dambudziko rekugovera WAN MAC kero mumidziyo UniElec U7621-01, UniElec U7621-06, TP-Link AR7241, TP-Link TL-WR740N, TP-Link TL-WR741ND v4, Telton230 Luma RUT329 Kumba -XNUMXACN.

Of the yakagadziriswa vulnerabilities dzinotaurwa

  • CVE-2022-30065: busybox: Gadzirisa kushandiswa-mushure-kwemahara muBusybox 1.35-x's
    awk applet
  • CVE-2022-0934: dnsmasq: Gadzirisa isiri-yekupokana single-byte kunyora/kushandisa.
    yemahara post kukundikana pane dnsmasq DHCPv6 server
  •  CVE-2022-1304: e2fsprogs: yekunze-ye-maganho kuverenga / kunyora kusagadzikana
    yakawanikwa mu e2fsprogs 1.46.5
  • CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Shandisa -
    Mushure-Yemahara Remote Kodhi Kuitwa Kusagadzikana
  • CVE-2022-46393: mbedtls: gadzirisa inogona kuita murwi buffer kuwandisa uye
    Nyora
  • CVE-2022-46392: mbedtls: muvengi ane ruzivo rwakakwana data
    ruzivo rwekusvika kwendangariro runogona kudzoreredza RSA yakavanzika kiyi
  • CVE 2022-42905: wolfssl: Muchiitiko icho WOLFSSL_CALLBACKS
    macro inoiswa pakuvaka wolfSSL, pane zvakawanda zvinogoneka nezve
    5-byte verenga paunenge uchibata TLS 1.3 mutengi wekubatanidza.

Of the dzimwe shanduko izvo zvinomira pachena:

  • PaYouku YK-L2 uye YK-L1 zvishandiso, initramfs-kernel.bin inogona kuiswa kuburikidza nemugadziri wewebhu interface.
  • D-Link DGS-1210-10P inotsigira mamwe mabhatani uye zviratidzo zve LED.
  • Mutyairi weUSB awedzerwa kugungano reAVM FRITZ!Bhokisi 7430.
  • Audio controller yakawedzerwa kumusangano weHAOYU Electronics MarsBoard A10.
    Linksys EA6350v3, EA8300, MR8300, uye WHW01 zvishandiso zvinogona kugadzirisa firmware kunze kwebhokisi.
    Yakagadziriswa kuparara pabhoti ne firewall4 uye loadfile.
  • Yakawedzera firmware mafaera e mt7916 uye mt7921 zvishandiso.
  • Iyo ustream-openssl package inodzima kutaurirana kwekubatanidza kwakavakirwa paTLSv1.2 uye neshanduro dzepakutanga dzeprotocol.
  • Yakawedzerwa rutsigiro rweQuectel EC200T-EU modem kune iyo comgt-ncm package.
  • Iyo umbim utility inobvumira kutenderera uye kubatana kuburikidza nevanodyidzana network.
  • Tsigiro yeHE modes (Wifi 6), zvishandiso zvitsva (MT7921AU, MT7986 WiSoC) uye mamwe ciphers (CCMP-256, GCMP-256) akawedzerwa kune iwinfo utility.

Kana iwe uchida kuziva zvakawanda nezvazvo nezve izvo zvakasanganiswa mune ino nyowani kuburitswa kweWorldWrt firmware 22.03.3 unogona kutarisa ruzivo mune rwekutanga kuburitswa Mune inotevera chinongedzo.

Dhawunirodha vhezheni itsva yeOpenWrt 22.03.3

Iyo inovaka yeiyi nyowani vhezheni yakagadzirirwa 35 mapuratifomu akasiyana, kubva maari ekuvandudza mapakeji anogona kuwanikwa kubva pane iyi link iripazasi.


Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako