Mva nje Omnye umba wachazwa kwinkqubo esezantsi ye-AF_PACKET I-Linux kernel, ethi ivumela umsebenzisi ongenalungelo elilodwa ukuba asebenzise ikhowudi njengengcambu okanye uphume kwizikhongozeli ezizimeleyo ukuba zinengcambu.
Ulwazi olukhutshiweyo lukhankanya ukuba igunya le-CAP_NET_RAW liyimfuneko yokwenza isokethi se-AF_PACKET kunye nokuxhaphaza ubungozi.
Nangona kunjalo, kuyaphawulwa ukuba umsebenzisi ngaphandle kwamalungelo angafumana imvume ichaziwe kwizikhongozeli ezenziwe kwiinkqubo ezinendawo yokusebenza yamagama enikwe amandla.
Umzekelo, izithuba zamagama abasebenzisi zibandakanyiwe ngokungagqibekanga ku-Ubuntu nakwiFedora, kodwa azenziwanga kwi-Debian nakwi-RHEL. Ngelixa kwi-Android, inkqubo ye-mediaerver inelungelo lokwenza i-AF_PACKET socket, apho kungasetyenziswa khona ubungozi.
Malunga nokuba sesichengeni kwi-AF_PACKET
Ubungozi bukhona kwi-tpacket_rcv function kwaye kubangelwa yimpazamo ekubaleni umahluko wenetoff.
Umhlaseli unokudala iimeko phantsi kwayo Uya kubhala ixabiso elingaphantsi kwe-maclen Umahluko kwi-netoff, ethi iya kubangela ukuphuphuma ngokubala "macoff = netoff-maclen" kwaye ngokwenza njalo kungaseta ngokungalunganga isikhombisi kwisikhuseli sedatha engenayo.
Nje ngeziphumo, umhlaseli unokuqalisa ukubhala i-1 ukuya kwi-10 ye-byte kwindawo engaphandle kwesikhuselo esabiweyo.
Impazamo yokubala ibikhona kwi-kernel ukusukela ngoJulayi ka-2008, oko kukuthi, kuzo zonke iinkozo ezikhoyo, nangona kunjalo amandla okwangoku okusebenzisa ukubhala kwindawo engaphandle kwento eyabelweyo (ubungozi) yaziswa ngoFebruwari ukusuka ngo-2016 (ukusuka Iinguqulelo ze-kernel 4.6-rc1 kwaye kamva), kunye nophuhliso lwe-virtio_net inkxaso.
Isisombululo sengxaki sisasetyenzwa njengesiqwengana. Ukongeza kwinto yokuba, kwelinye icala, kuyaphawulwa ukuba ukuxhaphaza kuyenziwa okuvumela ukufumana amalungelo engcambu kwinkqubo.
Kulabo banomdla wokwazi ukuba ukulungiswa sele kukhona ukuhanjiswa kwabo, banokulandela umkhondo wokubonakala kohlaziyo lwephakheji kulwabiwo olwahlukileyo kula maphepha alandelayo: Ubuntu, Fedora, USUSE, Debian, RHEL, igophe.
Iskripthi sokubhaliweyo senkxaso yesicatshulwa sasuswa
Kwelinye icala sithetha ngeLinux Kernel, kwabhengezwa kwakhona ukuba ikhowudi yokukhangela okubhaliweyo isuswe ekusetyenzisweni kwekhonsoli yokubhaliweyo kwiLinux kernel (CONFIG_VGACON_SOFT_SCROLLBACK).
Ikhowudi isuswe ngenxa yobukho beebugs, apho kwakungekho mntu wokulungisa ngenxa yokunqongophala komphathi wokongamela uphuhliso lwe-vgacon.
Kwaye oko Kwiinyanga ezimbalwa ezidlulileyo ubungozi buchongiwe kwaye balungiswa kwi-vgacon (I-CVE-2020-14331) enokubangela ukugcwala kwempazamo ngenxa yokunqongophala kokuvavanywa kokuvavanywa kwempazamo. Ubungozi babamba ingqalelo yabaphuhlisi Ocwangcise iimvavanyo zokuthambisa zekhowudi ye-vgacon kwi-syzbot.
ngaphandle koko Ukuqinisekiswa okungaphezulu kutyhile imiba emininzi engakumbi efanayo kwikhowudi ye-vgacon, kunye neengxaki ekuphunyezweni kwesoftware kumlawuli we-fbcon.
Ngelishwa ikhowudi yengxaki ishiywe ingakhathalelwanga ixesha elide, mhlawumbi ngenxa yokuba abaphuhlisi batshintshele ekusebenziseni imizobo yemifanekiso kunye nokubhaliweyo okuyekisiweyo ukusetyenziswa (abantu bayaqhubeka nokusebenzisa i-vgacon kunye ne-fbcon consoles, kodwa khange ibe sisixhobo esiphambili se-kernel amashumi eminyaka kwaye bazisasazile zombini imisebenzi efana nolawulo olwakhelwe-ngaphakathi ngokukrola (Shift + PgUp / PgUp) mhlawumbi zikwimfuno esezantsi).
Ngaloo ngqiqo, ILinus Torvalds igqibe ekubeni ingazami ukugcina ikhowudi ayifunwanga, kodwa yicime.
Okokugqibela, kuyakhankanywa ukuba ukuba kukho abasebenzisi abafuna lo msebenzi, ikhowudi yokuxhasa ukukrola kwi-console izakubuyiselwa kwikernel nje ukuba kubekho umlondolozi olungeleyo okanye ofuna ukuthatha uxanduva lokuyigcina. izandla, Oko kukuthi, ukuphela komntu ofuna ukunikezela ixesha kuyo.