Red Hat yakazivisa nezuro kuti yakaratidza hutatu hukuru hunhu muLinux Kernel. Zvitatu zvakakanganisika zvikanganiso, CVE-2019-11477, CVE-2019-11478 uye CVE-2019-11479, yakawanikwa mune manejimendi yeTCP network neLinux Kernel.
Izvo zvakakomba yeiyo mitatu yekusagadzikana inogona kubvumira munhu ari kure kuti arwadzise kernel pane masystem anomhanya akakanganiswa package uye nekudaro inokanganisa kugadzikana kwesystem
Red Hat yakatsanangura nezuro kuti zvitatu zvakakanganisika zvakaonekwa mukubata kweLinux Kernel kweSACK (TCP inosarudza kubvuma) mapakeji ane yakaderera MSS saizi.
Hukuru hwekukanganisa hunofungidzirwa kuti hunogumira pakuramba sevhisi kwenguva iripo. Parizvino hapana kukwidziridzwa kweropafadzo kana kudonhedza ruzivo kuri kufungidzirwa nekuda kwekusasimba kwechitatu.
Nezve kusagadzikana
Iyo kambani yakadoma nenjodzi nhatu, CVE-2019-11477, CVE-2019-11478, uye CVE-2019-11479. CVE-2019-11477 inoonekwa seyakaomarara, nepo CVE-2019-11478 uye CVE-2019-11479 inoonekwa seyakaomarara.
Dambudziko rekutanga mbiri dzakabatana neSelection Recognition Packets (SACK) inosanganiswa nehukuru hwehukuru hwechikamu (MSS) uye chechitatu chinongoenderana nehukuru hwehukuru hwechikamu (MSS).
Inosarudzwa TCP inobata ruoko (SACK) inzira iyo iyo iyo inogamuchira iyo dhata inogona kuzivisa mutumiriri wezvikamu zvese zvinogamuchirwa.
Izvi zvinobvumira mutumwa kudzorerazve zvikamu zvehova izvo zvisipo kubva kune yavo seti ye "zvigadzirwa zvinozivikanwa." Kana TCP SACK yakaremara, seti hombe yekudzoreredza inodiwa kudzosera rese rakateedzana.
Saizi yekukura kwechikamu (MSS) paramende inotsanangurwa mumusoro weTCP yepaketi inotsanangura huwandu hwese hwedata huri muchikamu chakavakwa cheTCP.
Nekuti mapaketi anogona kutsemurwa panguva yekufambisa munzira dzakasiyana, Anogamuchira anofanira kudoma iyo MSS seyakaenzana nehukuru hukuru payload yeIP datagrams ayo Anogamuchirwa anogona kubata.
Saizi yakakura kwazvo yeMSS inogona kureva kuti rwizi rwepaketi runopedzisira rwave kupatsanurwa painenge ichienda yakananga, nepo mapakeji madiki anogona kuvimbisa kupatsanurwa kudiki asi zvichizoguma neusina kushandiswa pamusoro
ari mashandiro uye mhando dzekutakura dzinogona kushandisa saizi dzakatarwa dzeMSS nekutadza
ari vanorwisa vane mukana wakakwana vanogona kugadzira mapakeji akasvibika ine sarudzo dzeMSS dzakanyatsogadzirirwa kurwisa uku.
Chikamu chega chega cheTCP chine nhamba yekuteedzana (SEQ) uye nhamba yekugamuchira (ACK). Aya SEQ uye ACK manhamba anoshandiswa kuona kuti ndezvipi zvikamu zvakagamuchirwa zvinobudirira neanogamuchira. Iyo ACK nhamba inoratidza inotevera chikamu chinotarisirwa neanogamuchira. Red Hat yakapa muenzaniso kuti unzwisise izvi.
Kugoverwa kwakabatwa
Red Hat ine runyorwa rurefu rwezvigadzirwa zvakakanganiswa nenjodzi idzi nhatu. Rondedzero yezvigadzirwa zvinonyanya kukanganiswa ndeinotevera:
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
- Red Hat Atomic Inotambira
- Red Hat Bhizinesi MRG 2
- Red Hat OpenShift Container Platform 4 (RHEL CoreOS)
- Red Hat OpenShift Pamhepo
- Red Hat OpenShift Dedicated (uye anoenderana masevhisi)
- OpenShift pane Azure (ARO)
- Red Hat OpenStack Platform (Kutumira Mufananidzo Kernel)
- Red Hat Virtualization (RHV-H)
Sekondari zvakakanganiswa zvigadzirwa:
- Red Hat Virtualization (RHV)
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform 3
Sekureva kwekambani iyi, kunyangwe kushomeka kwekernel hakukanganisi zvakananga midziyo yeRed Hat Linux, kuchengetedzeka kwavo kunoenderana nekuvimbika kwenzvimbo yevagari venzvimbo yacho.
Red Hat inokurudzira kuti iwe ushandise yazvino vhezheni yemidziyo yako yemidziyo. Iyo Container Health Index, inova chikamu cheRed Hat Container Catalog, inogona kushandiswa kuona mamiriro ekuchengetedza emidziyo yeRed Hat.
Kuchengetedza kuvanzika kwemidziyo yakashandiswa, unofanirwa kuona kuti iyo inomiririra (seRed Hat Enterprise Linux, CoreOS, kana Atomic inomiririra) yakagadziridzwa nekuda kwekurwiswa uku.
MuLinux kernel, nyaya dzakagadziriswa mushanduro 4.4.182, 4.9.182, 4.14.127, 4.19.52 uye 5.1.11