Kana dzikashandiswa, zvikanganiso izvi zvinogona kubvumira vanorwisa kuti vawane mukana usina mvumo kune ruzivo rwakadzama kana kuti kazhinji kukonzera matambudziko.
Munguva pfupi yapfuura nhau dzakaburitswa kuti huwandu hwekusagadzikana hwakaonekwa mune isina waya stack (mac80211) yeLinux kernel, mamwe acho angangoita bvumira buffer mafashama uye kure kure kodhi kuuraya kuburikidza nekutumira mapaketi akanyatsogadzirwa nenzvimbo yekupinda. Iyo gadziriso inowanikwa chete sechigamba kusvika zvino.
Muongorori wezvekuchengetedza kubva kuTU Darmstadt ndiye akataura dambudziko kuna SUSE ine hukama nebhafa pamusoro peiyo mac80211 chimiro cheLinux kernel yakakonzerwa neWLAN mafuremu.
Ndichiri kuita tsvakiridzo neIntel, uyeVakawana mamwe matambudziko akati wandei, Chii chinoita kuti idzi nyaya dzekuchengetedza yeWiFi dziwedzere kunetsa ndechekuti dzinogona kushandiswa pamusoro pemhepo kuburikidza nemapaketi ane hutsinye pane asina kuvimbika mawaya network.
Isu takapa dambudziko kune core security people, uye Soenke uye
Johannes Berg weIntel akaongorora uye akashanda padambudziko iri.Panguva yekuferefeta kwavo vakawana mamwe matambudziko akawanda muWLAN
murwi, unogona kushandiswa nemhepo.Iyo chigamba seti yakatumirwa kune netdev runyorwa nguva yadarika uye iri
akabatanidzwa mumaawa / mazuva mashoma anotevera.
- CVE-2022-41674: Buffer mafashama mu cfg80211_update_notlisted_nontrans basa, zvichiita kuti anosvika 256 bytes anyorwe pamurwi. Kusagadzikana kwave kuratidzwa kubvira Linux kernel 5.1 uye inogona kushandiswa kure kure kodhi kuuraya.
- CVE-2022-42719: kuwana kune yakatosunungurwa ndangariro nzvimbo (shandisa mushure memahara) muMBSSID parsing kodhi. Kusagadzikana kwave kuratidza kubvira Linux kernel 5.2 uye inogona kushandiswa kure kure kodhi kuuraya. A use-after-free flaw yakawanikwa mu ieee802_11_parse_elems_full in function net/mac80211/util.c pane element multi-BSSID. Iyi nyaya inoitika panguva yekuisa paLinux kernel.
- CVE-2022-42720: chirevo chekushandisa-mushure-yemahara ndangariro nzvimbo mune referenzi yekuverenga kodhi muBSS (Basic Service Set) modhi. Kusagadzikana kwave kuratidzwa kubvira Linux kernel 5.1 uye inogona kushandiswa kure kure kodhi kuuraya. Varwi vemunharaunda (vanokwanisa kubaya mafuremu eWLAN) vanogona kushandisa tsikidzi dzakasiyana-siyana mukubata maBSS akawanda mumac80211 stack muLinux kernel 5.1 kusvika 5.19.x pamberi pa5.19.16 kukonzeresa kushandiswa kwemamiriro mushure memahara kune zvingangoita kodhi kodhi.
- CVE-2022-42721: Rondedzero yehuori kukanganisa yakawanikwa mu cfg80211_add_nontrans_list mune basa net/wireless/scan.c muLinux kernel. Iyo inokonzeresa BSS rondedzero huwori ichikonzera risingaperi loop. Kusagadzikana kwave kuratidzwa kubvira Linux kernel 5.1 uye inogona kushandiswa kuita kuramba sevhisi.
- CVE-2022-42722: Chikanganiso muP2P mudziyo pawifi chakawanikwa mu ieee80211_rx_h_decrypt mu net/mac80211/rx.c muLinux kernel. Null pointer dereference mu beacon furemu yekudzivirira kodhi. Dambudziko rinogona kushandiswa kuita kuramba basa.
Kuratidza mukana wekuita kurwisa kutora mukana wezvipembenene zvakawanikwa, mienzaniso yezvirongwa zvakaburitswa , que kukonzera mafashama pamwe chete nechishandiso chekutsiva aya mafuremu mu802.11 isina waya stack, zvinokwanisika kuita kutadza kwebasa.
Zvinotaurwa kuti kusasimba kwakazvimirira kune madhiraivha asina waya anoshandiswa. Zvinofungidzirwa kuti nyaya dzakaonekwa dzinogona kushandiswa kugadzira mashandisiro ekushanda kune kure kure kurwisa masisitimu.
Nezve zvigadziriso zveaya mabhugi, zvinonzi Linus Torvalds yakanhonga iyo WiFi kuchengetedza inogadziriswa iyo inoshandiswa kuburikidza nemamwe network ekugadzirisa kweLinux 6.1 yekubatanidza hwindo.
Iwo mapeche ekururamisa akatoburitswa uye kuitiswa mune yakagadzikana akatevedzana uye mukati mekugadzirisa kweiyo huru inotsigirwa Linux kugoverwa uye, zvakare, inofanira kutorwa mumakwikwi anotevera ekuburitswa kwemapoinzi mumazuva anouya.
Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo mu chinotevera chinongedzo.