Ukuba zixhatshaziwe, ezi ziphene zinokuvumela abahlaseli ukuba bafumane ukufikelela okungagunyaziswanga kulwazi olubuthathaka okanye ngokubanzi babangele iingxaki.
Kwiintsuku ezimbalwa ezidlulileyo iindaba zavela ukuba Ubuthathaka obubini buchongiwe iinkqubo ezisezantsi ze i-linux kernel, I-Netfilter kunye ne-io_uring, evumela umsebenzisi wasekhaya ukuba aphakamise amalungelo abo kwinkqubo.
Eyokuqala kukuba sesichengeni. (CVE-2023-32233) efunyenwe kwisistim esezantsi yeNetfilter kwaye ibangelwa kusetyenziso-emva kwe-free kwimemori yokufikelela kwimodyuli ye-nf_tables, eqinisekisa ukusebenza kwesihluzo sepakethe ye-nftables.
Le bug kungenxa yokuba i-netfilter ye-nf_tables ivumela ukuhlaziya uqwalaselo lwayo izicelo ibhetshi ukuba iqela kunye imisebenzi emininzi esisiseko kwiintengiselwano zeathom.
Ingxaki iye yaveliswa kwiinguqulelo ezahlukeneyo zeLinux kernel, kuquka iLinux 6.3.1 (isigxina sangoku) kunye nobuthathaka bunokusetyenziswa ngokuthumela izicelo ezenziwe ngokukodwa ukuhlaziya uqwalaselo lwe-nftables. Kukhankanyiwe ukuba uhlaselo lufuna ukufikelela kwi-nftables, enokufumaneka kwindawo yegama lomsebenzi womnatha eyahlukileyo ukuba unamalungelo e-CLONE_NEWUSER, CLONE_NEWNS, okanye CLONE_NEWNET (umzekelo, ukuba unokusebenzisa isikhongozeli esizimeleyo).
Kule bug, umphandi ochonge ingxaki wathembisa ukuhlehlisa iveki ukupapashwa kolwazi oluneenkcukacha kunye nomzekelo wokuxhaphazwa okusebenzayo okubonelela ngeengcambu zeengcambu.
Kwimeko ethile, isicelo sebhetshi esingasebenziyo sinokuqulatha umsebenzi ocima ngokufihlakeleyo isethi ekhoyo ye-nft engachazwanga elandelwa ngomnye umsebenzi ozama ukwenza kwaloo nto ingachazwanga yesethi ye-nft emva kokuba icinyiwe. Kulo mzekelo ungentla, umzekelo walo msebenzi ungentla ucima umthetho okhoyo we-nft osebenzisa i-nft engaziwa. Kwaye umzekelo womsebenzi wamva yinzame yokususa i element ukusuka kuloo nft engachazwanga uluhlu emva kokuba uluhlu lususiwe ngokutshintshanayo, umsebenzi wamva unokuzama ukususa ngokuthe gca loo nft ingachazwanga uluhlu kwakhona.
Njengoko sele kukhankanyiwe ekuqaleni, le yayiyientsuku ezininzi ezidlulileyo kwaye ukuxhaphaza kunye nolwazi lwalusele lubhengeziwe. I-exploit kunye neenkcukacha zayo zinokufumaneka kwikhonkco elilandelayo.
Isiphoso sesibini sifunyenwe, yaba sesichengeni (CVE-2023-2598) kwi ukuphunyezwa kojongano lwe-asynchronous I/O io_uring ibandakanyiwe kwiLinux kernel ukusukela kwinguqulelo 5.1.
Ingxaki ibangelwe ligciwane kumsebenzi we-io_sqe_buffer_register, ovumela ufikelelo kwinkumbulo ephathekayo ngaphandle kwemida yesikhuseli esabiwe ngokwezibalo. Umba uvela kuphela kwisebe le-6.3 kwaye uya kulungiswa kuhlaziyo olulandelayo lwe-6.3.2.
Ikhankanyiwe ukuba imbono emva kwesibophelelo sokuqala kukuba endaweni yokwahlula amaphepha amakhulu adityaniswe kungeniso lomntu ngamnye, unokuba nengeniso enye yebvec yazo zonke iindawo ezikhuselweyo zephepha. Ngokukodwa, ukuba onke amaphepha kwimephu yesithinteli asebenzisa ulwakhiwo lwephepha lokuqala kunye nobude be-buffer kwingeniso enye yebvec endaweni yokwenza imephu yephepha ngalinye ngokwalo.
Ke ibvec izakwandisa ngaphaya kwephepha elinye elivumelekileyo ukuba lichukumise. Kamva, i-IORING_OP_READ_FIXED kunye ne-IORING_OP_WRITE_FIXED zisivumela ukuba sifunde kwaye sibhale kwi-buffer (okt, imemori eyalathwa yi-bvec) xa sithanda. Oku kuvumela ukufikelela kokufunda/ukubhala kwinkumbulo yomzimba emva kwephepha ekuphela kwalo esinalo ngokwenene.
Upapasho lobuthathaka lukhankanya amanyathelo okuvelisa impazamo:
1. Yenza i-memfd
2. Impazamo yephepha elinye kuloo nkcazelo yefayile
3. Sebenzisa i-MAP_FIXED ukwenza imephu eli phepha ngokuphindaphindiweyo, kwiindawo ezilandelelanayo
4. Bhalisa yonke ingingqi osandula ukuyizalisa ngelo phepha njenge
isithinteli esilungisiweyo nge-IORING_REGISTER_BUFFERS
5. Sebenzisa i-IORING_OP_WRITE_FIXED ukubhala isithinteli kwenye ifayile
(OOB funda) okanye IORING_OP_READ_FIXED ukufunda idata kwibuffer (
OOB bhala).
Ekugqibeleni kufanelekile ukukhankanya oko sele ikhona iprototype esebenzayo (I-CVE-2023-2598) kuvavanyo, ikuvumela ukuba usebenzise ikhowudi ngamalungelo e-kernel.
Ukuba sesichengeni (I-CVE-2023-32233) Yalungiswa kuhlaziyo lwe-6.4-rc kwaye unokulandela ukulungiswa kobuthathaka kunikezelo kumaphepha: Debian, Ubuntu, Gentoo, RHEL, Fedora, SUSE/openSUSE y igophe.