10
Mazuva mashoma apfuura nhau dzakaburitswa idzo Kusagadzikana kuviri kwakaonekwa muLinux Kernel yekutanga yakanyorwa kare seCVE-2022-0435 uye yakawanikwa muLinux kernel module inopa kushanda kweTIPC (Transparent Inter-Process Communication) network protocol.
Uku kunetseka inogona kubvumira kodhi kumhanya pa kernel level nekutumira pakiti kunetiweki yakagadzirwa.
Dambudziko inongobata masisitimu ane tipc.ko kernel module yakarodha uye yakagadziridzwa neTIPC stack, iyo inowanzo shandiswa mumasumbu uye haigoneswe nekusarudzika pane isina-yakasarudzika Linux kugovera.
Kunetseka inokonzerwa nekuwanda kwe stack kunoitika pakugadzirisa mapaketi, kukosha kwemunda nenhamba yenhengo node dzenzvimbo iyo inodarika 64.
Kuti uchengetedze maparamendi emanodhi mu tipc.ko module, array seti "u32 nhengo[64]", asi mukugadzirisa izvo zvinotsanangurwa mupakeji. Iyo node nhamba haitarise iyo "member_cnt" kukosha, iyo inobvumira kukosha kwakakura kupfuura 64 kushandiswa kudzora kudhindwa kwedata munzvimbo yendangariro pazasi. iyo stack mushure me "dom_bef" chimiro.
Iyo TIPC protocol yakatanga kugadzirwa naNokia, yakagadzirirwa kuronga kutaurirana pakati pematanho ari musumbu uye inovhurwa zvakanyanya pamanodhi esumbu. TIPC inogona kushanda pane ese Ethernet uye UDP (network port 6118).
Paunenge uchishanda pamusoro peEthernet, kurwiswa kunogona kuitwa kubva kunetiweki yemunharaunda, uye kana uchishandisa UDP, kubva kune network network, kana chiteshi chisina kuvharwa nefirewall. Kurwiswa kwacho kunogonawo kuitwa nemushandisi wepanzvimbo pasina ropafadzo pane anotambira. Kugonesa TIPC, unofanirwa kurodha iyo tipc.ko kernel module uye kugadzirisa inosunga kune network interface uchishandisa netlink kana tipc utility.
Izvo zvinotaurwa kuti paunenge uchivaka kernel mu "CONFIG_FORTIFY_SRC=y" modhi (inoshandiswa muRHEL), iyo inowedzera macheki ekuwedzera kune memcpy () basa, oparesheni inongogumira panomira emergency (kernel inopinda mu "Kernel Panic" state).
Kana ichiitwa pasina mamwe macheki uye ruzivo nezve canary mireza inoshandiswa kuchengetedza stack yakaburitswa, nyaya yacho inogona kushandiswa kuita kure kure kodhi ine kodzero dzekernel. Vatsvagiri vaona nyaya iyi vanoti nzira yekushandisa idiki uye inozoburitswa mushure mekubviswa kwakawanda kwekusagadzikana mukugovewa.
Iyo bug yakaunza kusagadzikana yakaunzwa munaChikumi 15, 2016 uye yakava chikamu cheLinux 4.8 kernel. vulnerability yakagadziriswa mu kernel versions Linux 5.16.9, 5.15.23, 5.10.100, 5.4.179, 4.19.229, 4.14.266 uye 4.9.301.
Imwe njodzi iyo yakawanikwa muLinux kernel iri CVE-2022-24122 mune kodhi yekubata rlimit zvipingaidzo munzvimbo dzakasiyana dzemazita.
Iyo bug yakaunzwa mune shanduko yakawedzerwa muZhizha 2021, kufambisa kushandiswa kwemamwe maRLIMIT counters kushandisa "ucounts" chimiro. Izvo "ucounts" zvinhu zvakagadzirirwa RLIMIT zvakaramba zvichishandiswa mushure mekusunungura ndangariro yavakagoverwa (kushandisa-mushure-yemahara) nekubvisa iyo namespace yakabatana navo, izvo zvakaita kuti zvikwanisike kuita kernel-level execution yekodhi yavo.
Kushandiswa kwekusagadzikana nemushandisi asina rusaruro kunogoneka chete kana sisitimu iine mukana usina mukana kune mushandisi identifier namespace (isina rombo remushandisi zita), iyo inogoneswa nekusarudzika muUbuntu neFedora. , asi isingagoneswe paDebian neRHEL.
Sechishandiso chekuvhara kusazvibata, unogona kudzima mukana usina rusaruro kune zita remushandisi:
sysctl -w kernel.unprivileged_userns_clone=0
Dambudziko yanga iripo kubvira Linux kernel 5.14 uye ichagadziriswa mune 5.16.5 uye 5.15.19 inogadziridza. Iwo akagadzikana mapazi eDebian, Ubuntu, SUSE/openSUSE uye RHEL haana kukanganiswa nenyaya, asi anoonekwa muFedora nyowani uye Arch Linux kernels.