Kana dzikashandiswa, zvikanganiso izvi zvinogona kubvumira vanorwisa kuti vawane mukana usina mvumo kune ruzivo rwakadzama kana kuti kazhinji kukonzera matambudziko.
Munguva pfupi yapfuura nhau dzakabvarura izvo kusagadzikana kwakanyanya kwakaonekwa mune ksmbd module, iyo inosanganisirwa mukati mekushandiswa kwefaira server yakavakirwa paSMB protocol yakavakirwa muLinux kernel.
Mhosva yaonekwa inobvumira kuzadzisa kure kure kodhi kuuraya nekodzero dze kernel. Kurwiswa kunogona kuitwa pasina huchokwadi, zvakakwana kuti ksmbd module inogadziriswa muhurongwa.
Pari zvino mashoko chaiwo panzira inoshandiswa kushandisa kusazvibata hazvisati zvaratidzwa Kusagadzikana kunongozivikanwa kukonzerwa nekuwana yakatosunungurwa (Shandisa-After-Mahara) nzvimbo yekurangarira nekuda kwekutadza kutarisa kuvepo kwechinhu usati waita maoparesheni pachiri.
ZVINOTAURWA NEZVINHU
Kusagadzikana uku kunobvumira vanorwisa vari kure kuti vaite zvekupokana pane zvakakanganisika kumisikidzwa kweLinux Kernel. Huchokwadi hahudiwe kushandisa kusazvibata uku, asi masisitimu ane ksmbd anogoneswa ndiwo ari panjodzi.Izvo zvakakanganisika zviripo mukati mekugadzirisa kwemirairo yeSMB2_TREE_DISCONNECT. Dambudziko rinokonzerwa nekushaikwa kwechokwadi chekuvepo kwechinhu chisati chaita maoparesheni pachinhu. Anorwisa anogona kushandisa kusazvibata uku kuti aite kodhi mukati meiyo kernel.
Izvo zvinotaurwa kuti dambudziko rine chekuita ne chokwadi chekuti mubasa smb2_tree_disconnect(), allocated memory yakasunungurwa ye ksmbd_tree_connect chimiro, asi mushure meizvozvo chinongedzo chaive chichiri kushandiswa pakugadzirisa zvimwe zvikumbiro zvekunze zvaive nemirairo yeSMB2_TREE_DISCONNECT.
Pamusoro pekusagadzikana kunotaurwa muksmbd, 4 nyaya dzisina njodzi dzinogadziriswa zvakare:
- ZDI-22-1688 -Kure kodhi kuuraya nekodzero dze kernel nekuda kwekutadza kutarisa saizi chaiyo yedata rekunze usati waikopa kune yakagoverwa buffer mufaira hunhu hwekugadzirisa kodhi. Ngozi yekusagadzikana inodzikiswa nenyaya yekuti kurwiswa kunogona kuitwa chete nemushandisi ane chokwadi.
- ZDI-22-1691 - Kernel ndangariro iri kure ruzivo inodonha nekuda kwekutarisa kwakashata kweyekupinza paramita muSMB2_WRITE command handler (kurwiswa kunogona kuitwa chete nemushandisi ane chokwadi).
- ZDI-22-1687: Kure kure kurambwa kwesevhisi kufona nekuda kwekuneta kweinowanika system memory nekuda kwekuburitswa kweiyo isiriyo sosi muSMB2_NEGOTIATE command handler (kurwiswa kunogona kuitwa pasina humbowo).
- ZDI-22-1689 -Kure kure kernel kutadza nekuda kwekushaikwa kwechokwadi cheSMB2_TREE_CONNECT yekuraira paramita, zvichikonzera kuverenga kunze kwenzvimbo yebuffer (kurwiswa kunogona kuitwa chete nemushandisi ane chokwadi).
Tsigiro yekumhanyisa SMB server uchishandisa ksmbd module yanga iri muSamba package kubva muvhezheni 4.16.0.
Kusiyana nemushandisi-nzvimbo yeSMB sevha, ksmbd inoshanda zvakanyanya maererano nekuita, kushandiswa kwendangariro, uye kubatanidzwa nemhando yepamusoro kernel. Ksmbd inosimudzirwa seyepamusoro-inoshanda, plug-uye-kutamba Samba yekuwedzera, iyo inobatanidza neSamba zvishandiso nemaraibhurari sezvinodiwa.
Iyo ksmbd kodhi yakanyorwa naNamjae Jeon weSamsung naHyunchul Lee weLG, uye yakachengetwa naSteve French kuMicrosoft, muchengeti weCIFS/SMB2/SMB3 subsystems muLinux kernel uye ave nenguva ari nhengo yechikwata. Samba developer, uyo mipiro yakakosha pakuitwa kweSMB/CIFS protocol rutsigiro muSamba neLinux.
Zvakakodzera kutaura izvozvo dambudziko riripo kubva kernel 5.15, yakabudiswa muna Mbudzi 2021, uye yakagadziriswa chinyararire mune zvakagadziridzwa 5.15.61, 5.18.18 uye 5.19.2, yakagadzirwa muna Nyamavhuvhu 2022. Sezvo nyaya yacho isati yapihwa chiziviso cheCVE, hapasati pave neruzivo chairwo rwekugadzirisa. dambudziko mukugovera.
pakupedzisira kana uri kufarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.