They found a vulnerability in Snap that allows code execution with root privileges


If exploited, these flaws can allow attackers to gain unauthorized access to sensitive information or, in general, cause problems.

A few days ago Qualys released the news that it had found a critical vulnerability (already catalogued as CVE-2022-3328) in the snap-confine utility, which ships with the SUID root flag and is invoked by the snapd process to build an executable environment for the applications distributed in snap-format packages.

The vulnerability is said to allow an unprivileged local user to execute code as root in the default Ubuntu configuration.

Interestingly, the vulnerability in question was introduced by the fix for a similar vulnerability in snap-confine from February.

What impact does CVE-2022-3328 have?

Qualys explains in its report that the snap-confine vulnerability is caused by a race condition in the must_mkdir_and_open_with_perms() function, which was added to prevent the /tmp/snap.$SNAP_NAME directory from being replaced by a symlink after the owner check but before the mount system call is invoked to bind-mount directories into it for the package in snap format.

The added protection consisted of renaming the /tmp/snap.$SNAP_NAME directory to another directory in /tmp with a random name if it already exists and is not owned by root.

By exploiting the rename operation on the /tmp/snap.$SNAP_NAME directory, the researchers took advantage of the fact that snap-confine also creates a /tmp/snap.rootfs_x directory for the contents of the snap package. mkdtemp() only randomizes the "x" part of the name, but a package named "rootfs_x" can pass sc_instance_name_validate (that is, the idea is to set $SNAP_NAME to "rootfs_x", so that the rename operation causes the /tmp/snap.rootfs_x directory to be overwritten with the snap's root directory).

To obtain simultaneous use of /tmp/snap.rootfs_xx and the renaming of /tmp/snap.$SNAP_NAME, two instances of snap-confine were started.

As soon as the first instance had created /tmp/snap.rootfs_xx, the process was blocked and a second instance was started with the package name rootfs_x, which caused the second instance's temporary directory /tmp/snap.$SNAP_NAME to become /tmp/snap.rootfs_x (the root directory) of the first.

Immediately after the rename, the second instance failed and /tmp/snap.rootfs_x was replaced by exploiting the race condition, as in the February exploit. After the replacement, the execution lock was removed from the first instance and the attackers gained full control over the snap's root directory.

The final step was to create the symlink /tmp/snap.rootfs_x/tmp, which was used by the sc_bootstrap_mount_namespace() function to bind-mount the real writable /tmp directory onto any directory in the filesystem, since the mount() call follows symlinks before mounting. Such a mount was blocked by AppArmor restrictions, but to bypass this block the exploit used two auxiliary vulnerabilities in multipathd.

Successful exploitation of all three flaws allows any unprivileged user to gain root privileges on a vulnerable device. Qualys security researchers verified the vulnerability, developed an exploit and obtained full root privileges on default Ubuntu installations.

Once this vulnerability was confirmed by the Qualys Threat Research Unit, we engaged in responsible disclosure and coordinated with the vendor and open source distributions to announce this newly discovered vulnerability.

The researchers were able to prepare a working exploit that provides root access on Ubuntu Server 22.04 which, in addition to the snap-confine vulnerability, also involves two flaws in the multipathd process (CVE-2022-41974, CVE-2022-41973), related to bypassing authorization when passing privileged commands and to unsafe handling of symlinks.

It is worth mentioning that the issue was fixed in the snapd 2.57.6 release. In addition, package updates have been released for all supported Ubuntu branches.

Finally, if you are interested in learning more about it, you can check the details at the following link.
