Mofuta o tsitsitseng oa OpenWrt 22.03.3 oa fihla

openwrt

OpenWrt ke kabo ea Linux e thehiloeng ho firmware e kentsoeng lisebelisoa tse kang li-routers tsa motho.

Ho lokolloa ha mofuta o mocha o tsitsitseng oa OpenWrt 22.03.3 ho sa tsoa phatlalatsoa, ​​​​e leng mofuta oo e tla e tsamaisa liphoso tse fapaneng eo Busybox, dnsmasq le litokiso tse ling li hlahelletseng, ho phaella ho sena, lintlafatso tse ling tsa tšehetso phetolelong ena e ncha le tsona li hlahella.

Bakeng sa ba sa tsebeng OpenWrt, o lokela ho tseba seo ena ke kabo ea Linux e etselitsoeng ts'ebeliso ho lisebelisoa tse fapaneng tsa marang-rangjoalo ka li-routers le libaka tsa phihlello.

openwrt e ts'ehetsa lipolanete le meralo e mengata e fapaneng 'Me e na le sistimi ea ho aha eu lumellang ho etsa li-cross-build tse bonolo ebile li le bonolo, ho kenyeletsoa likarolo tse ngata ka har'a kopano, ho etsa hore ho be bonolo ho theha firmware kapa sesebelisoa sa disk se loketseng ho etsa mesebetsi e ikhethileng ka sete ea liphutheloana tse lakatsehang pele. -e kentsoe.

Litaba tse kholo tsa OpenWrt 22.03.3

Phetolelong ena e ncha e hlahisoang ho tsoa ho OpenWrt 22.03.3 li hlahisoa ntlafatso ea likarolo tse fapaneng tsa sistimi, tseo re ka li fumanang mefuta e ntlafalitsoeng ea Linux kernel 5.10.161 (mofuta o eketsang mac80211 stack wireless ported from version 5.15.81), strace 5.19, mbedtls 2.28.2, openssl 1.1.1s, wolfssl 5.5.4, util-linux 2.37.4, firewall4 2022-10-18, odhcpd 2023-01-02, uhttpd 2022-10-31, iwinfo 2022-12-15, ucode 2022-12-02.

Hammoho le Linux Kernel ho boetse ho boleloa hore ba kentse liphutheloana tse ncha tsa kernel module: kmod-sched-prio, kmod-sched-red, kmod-sched-act-police, kmod-sched-act-ipt, kmod-sched- pie, kmod-sched-drr, kmod-sched-fq-pie, kmod-sched-act-sample, kmod-nvme, kmod-phy-marvell, kmod-hwmon-sht3x, kmod-netconsole, le kmod-btsdio.

Ka lehlakoreng la lintlafatso tsa tšehetso Re ka fumana phetolelong ena e ncha e tšehetsang Ruckus ZoneFlex 7372/7321, ZTE MF289F, TrendNet TEW-673GRU, Linksys EA4500 v3 le Wavlink WS-WN572HP3 4G lisebelisoa.

Ho phaella ho sena, re ka boela ra fumana hore bakeng sa D-Link DIR-825 B1 litlhophiso tsa setšoantšo sa tsamaiso ea fektheri le li-rootfs tse atolositsoeng li kenyelelitsoe. Ka ho sa feleng, firmware ea Broadcom 4366b1 chip e ile ea eketsoa moahong oa Asus RT-AC88U.

Mabapi le litokiso, re ka fumana hore bothata ba ho reboot loop ha u sebelisa LZMA bootloader ho lisebelisoa tsa NETGEAR EX6150, HiWiFi HC5962, ASUS RT-N56U B1, Belkin F9K1109v1, D-Link DIR-645, e rarollotsoe. DIR-860L B1, NETIS WF2881 le ZyXEL WAP6805.

Ho boetse ho boleloa hore bothata ba ho abela liaterese tsa WAN MAC ho lisebelisoa tsa UniElec U7621-01, UniElec U7621-06, TP-Link AR7241, TP-Link TL-WR740N, TP-Link TL-WR741ND v4, Telton230Q le Luma RUT329 Home. -XNUMXACN.

Ea bofokodi bo tsitsitseng lia boleloa

  • CVE-2022-30065: busybox: Lokisa tshebediso-kamora-mahala ho Busybox 1.35-x's
    awk applet
  • CVE-2022-0934: dnsmasq: Lokisa mongolo o se nang boikaketsi oa single-byte / tšebeliso.
    ho hloleha ha poso ea mahala ho seva sa dnsmasq DHCPv6
  •  CVE-2022-1304: e2fsprogs: ho ba kotsing e kantle ho meeli ea ho bala / ho ngola
    e fumanoe ho e2fsprogs 1.46.5
  • CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Sebelisa -
    Kotsi ea Ts'ebetso ea Khoutu ea Remote Ka mor'a Mahala
  • CVE-2022-46393: mbedtls: lokisa ho baloa ha qubu e ka bang teng le ho feta.
    Ngola
  • CVE-2022-46392: mbedtls: mohanyetsi ea nang le phihlello ea data e nepahetseng ka ho lekaneng
    tlhahisoleseding mabapi le phihlello ya memori e ka fumana konopo ya poraefete ya RSA
  • CVE 2022-42905: wolfssl: Ketsahalong eo WOLFSSL_CALLBACKS
    macro e behiloe ha ho hahoa wolfSSL, ho na le menyetla e mengata ka
    5-byte e baloa ha u sebetsana le likhokahano tsa bareki ba TLS 1.3.

Ea liphetoho tse ling tse hlahelletseng:

  • Ho lisebelisoa tsa Youku YK-L2 le YK-L1, initramfs-kernel.bin e ka kenngoa ka sebopeho sa websaete sa moetsi.
  • D-Link DGS-1210-10P e tšehetsa likonopo tse eketsehileng le matšoao a LED.
  • Mokhanni oa USB o kentsoe kopanong bakeng sa AVM FRITZ!Box 7430.
  • Molaoli oa molumo o kenyellelitsoe kopanong ea HAOYU Electronics MarsBoard A10.
    Linksys EA6350v3, EA8300, MR8300, le lisebelisoa tsa WHW01 li ka ntlafatsa firmware ka ntle ho lebokose.
    Ho senyeha ho tsitsitseng ha boot ka firewall4 le loadfile.
  • E kentse lifaele tsa firmware bakeng sa lisebelisoa tsa mt7916 le mt7921.
  • Sephutheloana sa ustream-openssl se tima lipuisano tsa khokahano ho latela TLSv1.2 le mefuta ea pejana ea protocol.
  • Tšehetso e ekelitsoeng bakeng sa modem ea Quectel EC200T-EU ho sephutheloana sa comgt-ncm.
  • Sesebelisoa sa umbim se lumella ho solla le ho hokahanya ka marang-rang a balekane.
  • Ts'ehetso ea mekhoa ea HE (Wifi 6), lisebelisoa tse ncha (MT7921AU, MT7986 WiSoC) le li-ciphers tse ling (CCMP-256, GCMP-256) li kenyelelitsoe ho iwinfo utility.

Haeba u batla ho tseba haholoanyane ka eona mabapi le lintlha tse kenyellelitsoeng tokollong ena e ncha ea OpenWrt firmware 22.03.3 o ka sheba tlhaiso-leseling phatlalatsong ea pele Ka sehokela se latelang.

Khoasolla mofuta o mocha oa OpenWrt 22.03.3

Meetso ea mofuta ona o mocha e lokiselitsoe lipolanete tse 35 tse fapaneng, moo ho ka fumanoang liphutheloana tsa ntlafatso ho tsoa sehokela se ka tlase.


E-ba oa pele ho fana ka maikutlo

Siea maikutlo a hau

aterese ya hao ya imeile ke ke ho phatlalatswa. masimo a hlokahala a tšoailoe ka *

*

*

  1. E ikarabella bakeng sa lintlha: AB Internet Networks 2008 SL
  2. Morero oa data: Laola SPAM, tsamaiso ea maikutlo.
  3. Molao: Tumello ea hau
  4. Puisano ea data: Lintlha li ke ke tsa tsebisoa batho ba boraro ntle le ka tlamo ea molao.
  5. Polokelo ea data: Database e hapiloeng ke Occentus Networks (EU)
  6. Litokelo: Nako efe kapa efe o ka fokotsa, oa hlaphoheloa mme oa hlakola tlhaiso-leseling ea hau.