Boka revatsvagiri kubva kuYunivhesiti yeCalifornia kuRiverside rakaburitswa Mamwe mazuva apfuura mutsva mutsva weSAD DNS kurwisa iyo inoshanda pasinei nekudzivirirwa kwakawedzerwa gore rakapera kuvhara iyo CVE-2020-25705 kusagadzikana.
Nzira itsva inowanzo zvakafanana nekusagadzikana kwegore rapfuura uye kungosiyaniswa nekushandiswa kwemhando yakasiyana yemapakeji ICMP yekuona inoshanda UDP ports. Kurwiswa kwakarongwa inoita kuti zvikwanise kutsiva dummy data mune cache yeDNS server, iyo inogona kushandiswa kubira IP kero yenzvimbo inopokana mune cache uye inodzosera mafoni kudura kune server yeanorwisa.
Iyo yakatsanangurwa nzira inoshanda chete paLinux network stack Nekuda kwekubatana kwayo kune zvakasarudzika zveICMP packet processing mechanism muLinux, inoshanda sesosi yekudonha kwedata inorerutsa kutsunga kweiyo UDP port nhamba inoshandiswa neseva kutumira chikumbiro chekunze.
Maererano nevatsvakurudzi vakaona dambudziko racho, kusagadzikana kunokanganisa 38% yeanovhura solvers pane network, kusanganisira yakakurumbira DNS masevhisi se OpenDNS uye Quad9 (9.9.9.9). Kune server software, kurwiswa kunogona kuitwa uchishandisa mapakeji senge BIND, Unbound, uye dnsmasq pane Linux server. DNS maseva anomhanya paWindows neBSD masisitimu haaratidze dambudziko. IP spoofing inofanira kushandiswa kupedzisa kurwisa. Izvo zvinodikanwa kuve nechokwadi kuti ISP yeanorwisa haivhare mapaketi ane spoofed source IP kero.
Sechiyeuchidzo, kurwisa SAD DNS inobvumira kuchengetedzwa kwekupfuura kwakawedzerwa kumaseva eDNS kuvharira nzira yemhando yeDNS cache chepfu yakakurudzirwa muna 2008 naDan Kaminsky.
Kaminsky's method inoshandura saizi isingaite yeDNS query ID field, inongori 16 bits. Kuti uwane iyo chaiyo DNS transaction identifier inodiwa kukanganisa zita remuenzi, ingotumira zvingangoita zviuru zvinomwe zvikumbiro uye tevedzera zvingangoita zviuru zana nemakumi mana emhinduro dzenhema. Kurwiswa kwacho kunosvika pakutumira nhamba huru yenhema IP-yakasungwa mapaketi kuhurongwa DNS resolution ine dzakasiyana DNS transaction identifiers.
Kudzivirira kubva kurudzi urwu rwekurwisa, DNS server vagadziri yakaita kugovera zvisina tsarukano kwenhamba dzetiweki port kwanobva kunotumirwa zvikumbiro zvechisarudzo, izvo zvakatsiva saizi yemubato isina kukwana. Mushure mekushandiswa kwedziviriro yekutumira dummy mhinduro, pamusoro pekusarudzwa kwe16-bit identifier, zvakava zvakakodzera kusarudza imwe ye64 zviuru zviteshi, iyo yakawedzera nhamba yesarudzo dzekusarudza kusvika 2 ^ 32.
Nzira yacho SAD DNS inokutendera kuti urerutsa network port nhamba kutsunga uye kuderedza kurwiswa kune classical Kaminsky nzira. Anorwisa anogona kuona kuwana kune isina kushandiswa uye inoshanda UDP madoko nekutora mukana weyakaburitswa ruzivo nezve network port chiitiko kana uchigadzira ICMP mhinduro mapaketi.
Ruzivo rwunodonha rwunokutendera kuti uone nekukurumidza kuona anoshanda UDP ports imhaka yekukanganisa mukodhi kubata ICMP mapaketi ane kupatsanurwa (ICMP kupatsanurwa kunodiwa mureza) kana kutungamira (ICMP redirect flag) zvikumbiro. Kutumira mapaketi akadaro kunoshandura cache state pane network stack, zvichiita kuti zvikwanisike, zvichienderana nemhinduro ye server, kuona kuti ndeipi UDP port inoshanda uye iyo isiri.
Shanduko dzinovharira kuburitswa kweruzivo dzakagamuchirwa muLinux kernel pakupera kwaNyamavhuvhu (Iyo gadziriso yakaverengerwa mukernel 5.15 uye Gunyana zvigadziriso zveLTS matavi ekernel.) Mhinduro ndeyekuchinja kushandisa SipHash hash algorithm mune network caches panzvimbo yeJenkins Hash.
Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kubvunza iyo ruzivo mune inotevera chinongedzo.