A few days ago we shared here on the blog the news about the interest Microsoft has shown in the eBPF subsystem, since it has built a subsystem for Windows that uses an abstract interpretation method of analysis which, compared with the Linux eBPF verifier, shows a lower false positive rate, supports loop analysis, and scales well.
The method takes into account many typical execution patterns found by analyzing existing eBPF programs. The eBPF subsystem has been included in the Linux kernel since version 3.18, and it lets you process incoming and outgoing network packets, forward packets, control bandwidth, intercept system calls, control access, and perform monitoring.
On that subject, it was recently disclosed that two vulnerabilities were identified in the eBPF subsystem, which lets you run handlers inside the Linux kernel in a special JIT virtual machine.
Both flaws make it possible to execute code with kernel privileges, outside the eBPF virtual machine.
Information about the problems was published by the Zero Day Initiative team, which runs the Pwn2Own competition, where this year three attacks were carried out on Ubuntu Linux using previously unknown vulnerabilities (whether the eBPF vulnerabilities are related to these attacks is not stated).
It was found that the eBPF ALU32 bounds tracking for bitwise operations (AND, OR and XOR) did not update the 32-bit bounds.
Manfred Paul (@_manfp) of the RedRocket CTF team (@redrocket_ctf), working with Trend Micro's Zero Day Initiative, discovered that this vulnerability could be turned into out-of-bounds reads and writes in the kernel. This was reported as ZDI-CAN-13590 and assigned CVE-2021-3490.
- CVE-2021-3490: The vulnerability is caused by a missing out-of-bounds check on 32-bit values when performing bitwise AND, OR and XOR operations in eBPF ALU32. An attacker can use this bug to read and write data outside the bounds of the allocated buffer. The problem with the XOR operation has been present since kernel 5.7-rc1, and with AND and OR since 5.10-rc1.
- CVE-2021-3489: The vulnerability is caused by an error in the ring buffer implementation and is related to the fact that the bpf_ringbuf_reserve function did not check that the size of the allocated memory area is smaller than the size of the ringbuf buffer. The problem has been present since the 5.8-rc1 release.
In addition, we can also look at another vulnerability in the Linux kernel: CVE-2021-32606, which allows a local user to elevate their privileges to root. The problem has been present since Linux kernel 5.11 and is caused by a race condition in the implementation of the CAN ISOTP protocol, which makes it possible to change the socket binding parameters because proper locking is missing in isotp_setsockopt() when the CAN_ISOTP_SF_BROADCAST flag is processed.
Once the socket is closed, ISOTP remains bound to the receiving socket, which can continue to use the structures associated with the socket after the memory associated with them has been freed. The isotp_sock structure has already been freed when isotp_rcv() is called. By manipulating the data, the pointer to the sk_error_report() function can be overwritten and code executed at the kernel level.
The status of the vulnerability fixes in distributions can be tracked on these pages: Ubuntu, Debian, RHEL, Fedora, SUSE, Arch.
The fixes are also available as patches (CVE-2021-3489 and CVE-2021-3490). Exploitation of the problem depends on eBPF being available to the user. For example, in the default configuration on RHEL, exploiting the vulnerability requires the user to have CAP_SYS_ADMIN privileges.
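To triage a host against the releases and the eBPF availability condition described above, the following added example (not from the original article or the kernel project) reports which of the three issues were introduced at or before the running kernel and whether unprivileged users can use eBPF. The function names are hypothetical, and it assumes the standard `kernel.unprivileged_bpf_disabled` sysctl; since the article gives no fixed versions, a match only means the distribution advisory should be checked.

```shell
#!/bin/sh
# Added triage example, not from the original article.
# The "present since" releases are the ones quoted in the article. It gives
# no fixed versions, so a match means "check the distribution advisory",
# not "confirmed vulnerable". Release candidates count as their major.minor.

# ver_ge A B: succeeds when major.minor of A >= major.minor of B.
ver_ge() {
    a_major=${1%%.*}; a_rest=${1#*.}; a_minor=${a_rest%%[!0-9]*}
    b_major=${2%%.*}; b_rest=${2#*.}; b_minor=${b_rest%%[!0-9]*}
    [ "$a_major" -gt "$b_major" ] ||
        { [ "$a_major" -eq "$b_major" ] && [ "$a_minor" -ge "$b_minor" ]; }
}

# introduced_cves KERNEL_RELEASE: prints the issues whose introducing
# release is at or below the given kernel release string.
introduced_cves() {
    out=""
    if ver_ge "$1" 5.7;  then out="$out CVE-2021-3490(XOR)"; fi
    if ver_ge "$1" 5.10; then out="$out CVE-2021-3490(AND/OR)"; fi
    if ver_ge "$1" 5.8;  then out="$out CVE-2021-3489"; fi
    if ver_ge "$1" 5.11; then out="$out CVE-2021-32606"; fi
    echo "${out# }"
}

# unpriv_bpf_state [FILE]: reads kernel.unprivileged_bpf_disabled.
# 0 means unprivileged users may call bpf(); non-zero means they may not.
unpriv_bpf_state() {
    f=${1:-/proc/sys/kernel/unprivileged_bpf_disabled}
    [ -r "$f" ] || { echo unknown; return 0; }
    case "$(cat "$f")" in
        0) echo open ;;
        [1-9]*) echo restricted ;;
        *) echo unknown ;;
    esac
}

report() {
    kv=${1:-$(uname -r)}
    echo "kernel $kv, code present since an earlier release: $(introduced_cves "$kv")"
    echo "unprivileged eBPF (relevant to the two eBPF CVEs): $(unpriv_bpf_state)"
}
report "$@"
```

A result of `open` together with CVE-2021-3489 or CVE-2021-3490 in the list is the combination to prioritize; CVE-2021-32606 is in the CAN ISOTP code and does not depend on the eBPF setting.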
Finally, if you want to know more about it, you can check the details at the following link.