Ukuba zixhatshaziwe, ezi ziphene zinokuvumela abahlaseli ukuba bafumane ukufikelela okungagunyaziswanga kulwazi olubuthathaka okanye ngokubanzi babangele iingxaki.
Kutshanje iindaba ziye zaqhekeka ubuthathaka obubalulekileyo ichongiwe kwimodyuli ye-ksmbd, ebandakanyiweyo ekuphunyezweni komncedisi wefayile esekelwe kwiprotocol ye-SMB yakhelwe kwi-Linux kernel.
Impazamo ifunyenwe ivumela ukude ufezekise ukwenziwa kwekhowudi ngamalungelo e-kernel. Uhlaselo lunokwenziwa ngaphandle kokuqinisekiswa, kwanele ukuba imodyuli ye-ksmbd isebenze kwinkqubo.
Ngelo xesha iinkcukacha ezichanekileyo kwindlela esetyenziswayo ukuxhaphaza ukuba sesichengeni azikatyhilwa okwangoku Ukuba sesichengeni kwaziwa kuphela ukuba kubangelwa kukufikelela kwindawo yenkumbulo esele ikhululiwe (Sebenzisa-Emva-Simahla) ngenxa yokusilela ukujonga ubukho bento phambi kokwenza imisebenzi kuyo.
IINKCUKACHA ZOKUBA SEMBUTHENI
Obu buthathaka buvumela abahlaseli bekude ukuba baphumeze ikhowudi engafanelekanga kufakelo oluchaphazelekayo lweLinux Kernel. Ungqinisiso aluyomfuneko ukusebenzisa obu buthathaka, kodwa ziinkqubo kuphela ezine-ksmbd ezenziwe zisebenze ezisesichengeni.Isiphene sikhona ngaphakathi koqhubekeko lwe SMB2_TREE_DISCONNECT yemiyalelo. Ingxaki ibangelwa ukungabikho kokuqinisekiswa kobukho bento ngaphambi kokwenza imisebenzi kwinto. Umhlaseli angasebenzisa obu buthathaka ukwenza ikhowudi kumxholo wekernel.
Kuyakhankanywa ukuba ingxaki inxulumene ne into yokuba kumcimbi smb2_tree_disconnect(), inkumbulo eyabiweyo yakhululwa ye ksmbd_tree_connect isakhiwo, kodwa emva koko isalathisi besisasetyenziswa xa kusetyenzwa izicelo ezithile zangaphandle eziqulathe SMB2_TREE_DISCONNECT imiyalelo.
Ukongeza kubuthathaka obukhankanywe kwi-ksmbd, Imiba emi-4 engenabungozi nayo iyalungiswa:
- I-ZDI-22-1688 -Ukwenziwa kwekhowudi ekude kunye namalungelo e-kernel ngenxa yokungaphumeleli ukujonga ubungakanani bedatha yangaphandle ngaphambi kokuyikopisha kwi-buffer eyabelwe kwikhowudi yokucubungula uphawu lwefayile. Ingozi yobuthathaka iyancitshiswa yinto yokuba uhlaselo lunokwenziwa kuphela ngumsebenzisi oqinisekisiweyo.
- I-ZDI-22-1691-Imemori ye-Kernel yolwazi olukude luvuza ngenxa yokutshekishwa okungalunganga kweeparamitha zokufaka kwi-SMB2_WRITE isiphathi somyalelo (uhlaselo lunokwenziwa kuphela ngumsebenzisi oqinisekisiweyo).
- I-ZDI-22-1687: Ukudelwa ukude kwefowuni yenkonzo ngenxa yokudinwa kwememori yenkqubo ekhoyo ngenxa yokukhutshwa kwesixhobo esingalunganga kwi-SMB2_NEGOTIATE yomphathi womyalelo (uhlaselo lunokwenziwa ngaphandle kokuqinisekiswa).
- I-ZDI-22-1689 - Ukusilela kwe-kernel ekude ngenxa yokungabikho kokuqinisekiswa okufanelekileyo kwe-SMB2_TREE_CONNECT iiparamitha zomyalelo, okukhokelela ekufundweni kwendawo ye-buffer (uhlaselo lunokwenziwa kuphela ngumsebenzisi oqinisekisiweyo).
Inkxaso yokuqhuba iseva ye-SMB usebenzisa imodyuli ye-ksmbd ibikwiphakheji ye-Samba ukusukela kwinguqulelo 4.16.0.
Ngokungafaniyo neseva ye-SMB yendawo yomsebenzisi, i-ksmbd isebenze ngakumbi ngokwemigaqo yokusebenza, ukusetyenziswa kwememori, kunye nokudibanisa kunye neempawu eziphambili zekernel. I-Ksmbd ikhuthazwa njengento ephezulu yokusebenza, iplagi kunye ne-play Samba extension, edibanisa nezixhobo zeSamba kunye namathala eencwadi njengoko kufuneka.
Ikhowudi ye-ksmbd yabhalwa nguNamjae Jeon we-Samsung kunye noHyunchul Lee we-LG, kwaye igcinwe nguSteve French kwa-Microsoft, umgcini we-CIFS/SMB2/SMB3 inkqubo engaphantsi kwi-Linux kernel kunye nelungu elidala leqela. igalelo elibalulekileyo ekuphunyezweni kwenkxaso yeprotocol ye-SMB/CIFS kwiSamba kunye neLinux.
Kufanelekile ukuba ukhankanye loo nto ingxaki ikhona ukusukela kwi-kernel 5.15, ikhutshwe ngoNovemba ka-2021, kwaye yalungiswa ngokuthe cwaka kuhlaziyo 5.15.61, 5.18.18 kunye no-5.19.2, olwenziwe ngo-Agasti 2022. Ekubeni umba ungekabelwa isichongi se-CVE, akukabikho lwazi luchanekileyo okwangoku malunga nendlela yokulungisa. ingxaki kunikezelo.
ekugqibeleni ukuba ukhona unomdla wokwazi ngakumbi ngayo, ungajonga iinkcukacha Kule khonkco ilandelayo.