Izolo Ulwazi lukhutshwe malunga nokuba semngciphekweni kwiKernel kernel kwaye esele ikhathalogwe njenge-CVE-2021-3609. Obu bungozi ivumela umsebenzisi wasekhaya ukuba anyuse amalungelo abo kwinkqubo ngenxa yemeko yomdyarho ekuphunyezweni komgaqo olandelwayo we-CAN BCM kwaye ubonakalisiwe kwiinguqulelo 2.6.25 ukuya ku-5.13-rc6 ye-Linux kernel.
Isigqibo sithatha inzuzo kuba i Inkqubo ye-Can BCM ikuvumela ukuba ubhalise umphathi wakho womyalezo yenethiwekhi yendawo yomlawuli (i-CAN) kwaye uyixhume kwisokethi ethile yenethiwekhi. Xa umyalezo ongenayo ufika, umsebenzi ubizwa bcm_rx_handler () umhlaseli angasebenzisa ithuba lomdyarho kwaye anyanzele isokethi yenethiwekhi ukuvala ngelixa esenza bcm_rx_handler ().
Ingxaki iza xa isokisi ivaliwe kwaye umsebenzi ubiziwe bcm_ nceda (), apho imemori eyabelwe ulwakhiwo ikhululwa khona bcm_op kunye bcm_sock, eqhubeka nokusetyenziselwa ukuphatha bcm_rx_handler () esaqhubayo, yiyo loo nto kuvela imeko ekhokelela ekufikeleleni kwimemori esele ikhululiwe (sebenzisa-emva kokukhululeka).
Esi sisibhengezo se-bug esandula ukuxelwa (i-CVE-2021-3609) kwinkqubo ye-CAN BCM yenethiwekhi kwi-kernel ye-Linux esusela kuhlobo lwe-2.6.25 ukuya kwi-5.13-rc6 ephambili.
Ukuba sesichengeni yimeko yomdyarho kwi-net / can / bcm.c evumela ukunyuka kwelungelo ukuya kwingcambu. Ingxaki yaxelwa ekuqaleni yi-syzbot kwaye uNorbert Slusarek wangqina ukuba uyaxhaphaza.
Uhlaselo lubila ekuvuleni iziseko ezimbini ze-CAN BCM kwaye uzibophelela kwi-vcan interface. Kwisihlanganisi sokuqala, uyafowuna thumela ismsg () ngesalathi RX_SETUP ukuqwalasela isilawuli semiyalezo engenayo ye-CAN nakwisihlanganisi sesibini, uyafowuna thumela ismsg () ukuthumela umyalezo kwisinxibelelanisi sokuqala.
Emva kokuba umyalezo ufikile, i bcm_rx_handler () umnxeba ubangelwe kwaye umhlaseli athathe umzuzu ofanelekileyo kwaye avale isokethi sokuqala, ekhokelela ekusungulweni kwe- bcm_ nceda () nokumiliselwa kwezakhi bcm_op kunye bcm_sock, nangona umsebenzi we bcm_rx_handler () ayikagqitywa.
Ngokusebenzisa umxholo we-bcm_sock, umhlaseli angabhala ngaphezulu isikhombisi kwi-sk-> sk_data_ready (sk) umsebenzi, uqondise kwakhona ukwenziwa, kwaye, usebenzisa ubuchule obujolise ekubuyeni (ROP) ubuchwephesha, kwaye ngaphezulu ikhowudi ye-modprobe_path kwaye wenze ikhowudi yakhe ibale njengengcambu .
Xa usebenzisa ubuchule beROP, umhlaseli akazami ukubeka ikhowudi yakhe kwimemori ye, kodwa iyasebenza iziqwenga ze imiyalelo yomatshini sele ikhona kwiilayibrari ezilayishiwe, eziphela ngesiteyitimenti sokubuyisa ulawulo (njengomthetho, ezi kukuphela kwemisebenzi yethala leencwadi)
Iimvume ezifunekayo zokwenza uhlaselo zinokufunyanwa ngumsebenzisi ongenalungelo kwizikhongozeli ezenziwe kwiinkqubo ezinendawo yokusebenza yamagama. Umzekelo, izithuba zamagama abasebenzisi zibandakanyiwe ngokungagqibekanga ku-Ubuntu nakwiFedora, kodwa azenziwanga kwi-Debian nakwi-RHEL.
Ukuzama kwam ukuxhaphaza kugxile kwiimbumba ngohlobo> = 5.4-rc1 ukusuka ukuzibophelela bf74aa86e111. Khange ndiphande ngokuxhaphaza iinkozo ezindala kune-5.4-rc1 ndisebenzisa ii-tasklets, nangona kunjalo ukuxhaphaza iinkozo ezindala kubonakala kunokwenzeka.
Kuyakhankanywa ukuba Umphandi ochonge ukuba semngciphekweni wakwazi ukulungiselela ukuxhaphaza ukufumana amalungelo engcambu kwiisistim ezineenkozo ezivela kuhlobo 5.4 kwaye kamva, kubandakanya ukubakho kohlaselo oluyimpumelelo kwi-Ubuntu 20.04.02 LTS.
Umsebenzi wokuxhaphaza uncitshisiwe ekwakheni ikhonkco leminxeba kwiibhloko ezifanayo ("izixhobo") ukufumana ukusebenza okufunekayo. Olu hlaselo ludinga ukufikelela kwiziseko ze-CAN kunye nenethiwekhi ye-vcan yenethiwekhi.
Gqibela kuyakhankanywa ukuba ingxaki isaqhubeka kuninzi lonikezelo, kodwa ngumcimbi weentsuku ngaphambi kokuba kukhutshwe iziqwengana ezihambelanayo.
Ukuba unomdla wokwazi okungakumbi ngayo, unokubonisana eli khonkco lilandelayo.