Kutshanje iindaba ziye zaqhekeka umphandi wokhuseleko uchonge ubuthathaka obubalulekileyo (sele zidweliswe phantsi kwe-CVE-2021-43267) ekuphunyezweni kwe-protocol yenethiwekhi ye-TIPC inikwe kwi-Linux kernel, evumela ukuphunyezwa okude kwekhowudi ngamalungelo e-kernel ngokuthumela ipakethi yenethiwekhi eyenziwe ngokukodwa.
Ingozi yengxaki iyancitshiswa yinto yokuba uhlaselo lufuna ukunika amandla ngokucacileyo inkxaso ye-TIPC kwinkqubo (ngokulayisha kunye nokuqwalasela imodyuli ye-tipc.ko kernel), engenziwanga ngokungagqibekanga kunikezelo lwe-non-Linux.
I-CodeQL yinjini yohlalutyo ekuvumela ukuba uqhube imibuzo kwikhowudi yakho. Ukusuka kwimbono yokhuseleko, oku kunokuvumela ukuba ufumane ubuthathaka ngokuchaza inkangeleko yabo. I-CodeQL iya kuthi emva koko iphile kwaye ifumane zonke iimeko zobo buthathaka.
I-TIPC iye yaxhaswa ukususela kwi-Linux 3.19 kernel, kodwa ikhowudi ekhokelela ekubeni sesichengeni ifakwe kwi-5.10 kernel.. Iprothokholi ye-TIPC yaphuhliswa ekuqaleni ngu-Ericsson, ijonge ukuququzelela unxibelelwano phakathi kwenkqubo kwiqela kwaye ivulwa ikakhulu kwiindawo zeqela.
I-TIPC inokusebenza kokubini kwi-Ethernet nangaphezulu kwe-UDP (izibuko lothungelwano 6118). Kwimeko yokusebenza nge-Ethernet, ukuhlaselwa kunokuqhutywa kwinethiwekhi yendawo, kwaye xa i-UDP isetyenzisiweyo, ukusuka kwinethiwekhi yehlabathi, ukuba ichweba alifakwanga kwi-firewall. Uhlaselo lunokuthi lwenziwe ngumsebenzisi wendawo ngaphandle kwamalungelo kumamkeli. Ukwenza i-TIPC, kufuneka ulayishe imodyuli ye-tipc.ko kernel kwaye uqwalasele ikhonkco kujongano lomsebenzi womnatha usebenzisa i-netlink okanye into eluncedo ye-tipc.
Iprothokholi iphunyeziwe kwimodyuli yekernel edityaniswe nazo zonke izinikezelo ezinkulu zeLinux. Xa ilayishwe ngumsebenzisi, inokusetyenziswa njengesidibanisi kwaye ingaqwalaselwa kwi-interface usebenzisa i-netlink (okanye ukusebenzisa i-tipc yesixhobo sesithuba somsebenzisi, eya kwenza le minxeba ye-netlink) njengomsebenzisi ongenalungelo.
I-TIPC ingaqwalaselwa ukuba isebenze phezu kweprotocol yomphathi njenge-Ethernet okanye i-UDP (kwimeko yokugqibela, i-kernel iphulaphule kwi-port 6118 yemiyalezo engenayo evela kuwo nawuphi na umatshini). Kuba umsebenzisi onamalungelo aphantsi akakwazi ukwenza izakhelo ze-ethernet eluhlaza, ukuseta umthwali kwi-UDP kwenza kube lula ukubhala i-exploit yendawo.
Ubuthathaka buzibonakalisa kumsebenzi we-tipc_crypto_key_rc kwaye kubangelwa ukunqongophala kokuqinisekiswa okufanelekileyo. yembalelwano phakathi kwento echazwe kwiheda kunye nobungakanani bedatha yokwenyani xa kuhlalutywa iipakethe ezinohlobo lwe-MSG_CRYPTO olusetyenziselwa ukufumana izitshixo zoguqulelo oluntsonkothileyo kwezinye iindawo kwiqela ukuze kamva uguqule uguqulelo lokuntsonkotha imiyalezo ethunyelwe kwezi nodi.
Ubungakanani bedatha ekhutshelwe kwimemori ibalwa njengomahluko phakathi kwamaxabiso amasimi kunye nobukhulu bomyalezo kunye nobukhulu besihloko, kodwa ngaphandle kokuthathela ingqalelo ubungakanani begama le-algorithm yoguqulelo oludlulisiweyo. kumyalezo kunye nomxholo weqhosha.
Ubungakanani begama le-algorithm kucingelwa ukuba lilungisiwe, kwaye ukongeza uphawu olwahlukileyo kunye nobukhulu lugqithiselwe kwisitshixo, kwaye umhlaseli angakhankanya ixabiso kule mpawu eyahlukileyo kwixabiso langempela, eliya kukhokelela ekubhaleni Umgca womyalezo ophuma kwisikhuseli esinikezelweyo.
Ubuthathaka buzinze kwiinkozo 5.15.0, 5.10.77 kunye ne-5.14.16, nangona ingxaki ibonakala kwaye ayikalungiswa kwi-Debian 11, Ubuntu 21.04 / 21.10, SUSE (kwisebe le-SLE15-SP4 engekakhululwa), i-RHEL (engekacaci ukuba isisombululo esisengozini sihlaziywe) kunye ne-Fedora.
Nangona kunjalo uhlaziyo lwekernel sele lukhutshiwe kwiArch Linux kunye nonikezelo ngeenkozo phambi kwe-5.10, njenge-Debian 10 kunye ne-Ubuntu 20.04, azichaphazeleki.
Gqibela ukuba unomdla wokwazi okungakumbi ngayo, ungajonga iinkcukacha Kule khonkco ilandelayo.