Ukukhishwa kwenguqulo entsha ezinzile ye-OpenWrt 22.03.3 kusanda kumenyezelwa, inguqulo iza namaphutha ahlukahlukene okuyi-Busybox, i-dnsmasq nezinye izilungiso ezigqamayo, ngaphezu kwalokhu, okunye ukuthuthukiswa kokusekelwa kule nguqulo entsha nakho kuyagqama.
Kulabo abangayazi i-OpenWrt, kufanele ukwazi lokho lokhu kusatshalaliswa kweLinux okwenzelwe ukusetshenziswa kumadivayisi wenethiwekhi ahlukahlukenenjengama-routers nezindawo zokufinyelela.
I-OpenWrt isekela amapulatifomu amaningi ahlukahlukene nezakhiwo futhi inohlelo lokwakha olukuvumela ukuthi uhlanganise kalula futhi kalula, kufaka phakathi izinto eziningi ku-Assembly, okwenza kube lula ukudala i-firmware elungele ukusetshenziswa noma isithombe sediski esenzelwe imisebenzi ethile ngesethi oyifunayo yamaphakeji pre- ifakiwe.
Izindaba eziyinhloko ze-OpenWrt 22.03.3
Kule nguqulo entsha ethulwa kusuka ku-OpenWrt 22.03.3 kuvezwa ukuthuthukiswa kwezingxenye ezihlukahlukene zesistimu, esingayithola izinguqulo ezibuyekeziwe ze-Linux kernel 5.10.161 (inguqulo yengeza isitaki esingenantambo se-mac80211 esifakwe kunguqulo engu-5.15.81), i-strace 5.19, i-mbedtls 2.28.2, openssl 1.1.1s, wolfssl 5.5.4, util-linux 2.37.4, firewall4 2022-10-18, odhcpd 2023-01-02, uhttpd 2022-10-31, iwinfo 2022-12-15, ucode 2022-12-02.
Kanye ne-Linux Kernel kuyashiwo futhi ukuthi bangeze amaphakheji emojula ye-kernel entsha: i-kmod-sched-prio, i-kmod-sched-red, i-kmod-sched-act-polisi, i-kmod-sched-act-ipt, i-kmod-sched- pie, kmod-sched-drr, kmod-sched-fq-pie, kmod-sched-act-sample, kmod-nvme, kmod-phy-marvell, kmod-hwmon-sht3x, kmod-netconsole, kanye ne-kmod-btsdio.
Engxenyeni ye- ukuthuthukiswa kosekelo Singathola kule nguqulo entsha ukwesekwa kwe-Ruckus ZoneFlex 7372/7321, ZTE MF289F, TrendNet TEW-673GRU, Linksys EA4500 v3 kanye ne-Wavlink WS-WN572HP3 4G amadivayisi wengeziwe.
Ngaphezu kwalokhu, singathola futhi ukuthi ku-D-Link DIR-825 B1 izilungiselelo zesithombe sesistimu yefekthri kanye nezimpande ezinwetshiwe zengeziwe. Ngokuzenzakalelayo, i-firmware ye-chip ye-Broadcom 4366b1 yengezwe ekwakhiweni kwe-Asus RT-AC88U.
Mayelana nokulungiswa, singathola ukuthi inkinga yokuqalisa kabusha iluphu uma usebenzisa i-LZMA bootloader kumadivayisi NETGEAR EX6150, HiWiFi HC5962, ASUS RT-N56U B1, Belkin F9K1109v1, D-Link DIR-645, isixazululiwe. D-Link. I-DIR-860L B1, i-NETIS WF2881 ne-ZyXEL WAP6805.
Kuphinde kuphawulwe ukuthi inkinga yokwabela amakheli e-WAN MAC kumadivayisi we-UniElec U7621-01, UniElec U7621-06, TP-Link AR7241, TP-Link TL-WR740N, TP-Link TL-WR741ND v4, Telton230 I-Luma i-WOR329 Home. -XNUMXACN.
Of ubuthakathaka obugxilile kuyakhulunywa
- I-CVE-2022-30065: i-busybox: Lungisa ukusebenzisa ngemva kwamahhala ku-Busybox 1.35-x's
awu applet - I-CVE-2022-0934: dnsmasq: Lungisa ukubhala/ukusetshenziswa kwebhayithi eyodwa okungakhethi.
ukwehluleka kokuthunyelwe kwamahhala kuseva ye-dnsmasq DHCPv6 - I-CVE-2022-1304: i-e2fsprogs: ukuba sengozini yokufunda/ukubhala ngaphandle kwemingcele
itholwe ku-e2fsprogs 1.46.5 - CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Use -
Ukuba Sengozini Yokusebenzisa Ikhodi Ekude Ngemva Kwamahhala - I-CVE-2022-46393: i-mbedtls: lungisa ukufundwa kwebhafa yenqwaba engaba khona futhi
Bhala ngaphezulu - I-CVE-2022-46392: i-mbedtls: isitha esikwazi ukufinyelela idatha enembe ngokwanele
ulwazi mayelana nokufinyelela kwimemori lungathola ukhiye oyimfihlo we-RSA - I-CVE 2022-42905: wolfssl: Esimeni lapho i-WOLFSSL_CALLBACKS
i-macro isethwe lapho kwakhiwa i-wolfSSL, kuningi okungenzeka ngakho
I-5-byte ifundwe lapho uphatha ukuxhumana kweklayenti le-TLS 1.3.
Of ezinye izinguquko okugqamile:
- Kumadivayisi we-Youku YK-L2 kanye ne-YK-L1, i-initramfs-kernel.bin ingafakwa kusetshenziswa isixhumi esibonakalayo sewebhu somkhiqizi.
- I-D-Link DGS-1210-10P isekela izinkinobho ezengeziwe nezinkomba ze-LED.
- Umshayeli we-USB wengeziwe kumhlangano we-AVM FRITZ!Box 7430.
- Isilawuli somsindo sengezwe kumhlangano we-HAOYU Electronics MarsBoard A10.
I-Linksys EA6350v3, EA8300, MR8300, kanye namadivayisi we-WHW01 angabuyekeza i-firmware ngaphandle kwebhokisi.
Kulungiswe ukuphahlazeka ebhuthini nge-firewall4 kanye nefayela lokulayisha. - Kungezwe amafayela e-firmware we-mt7916 kanye namadivayisi we-mt7921.
- Iphakheji ye-ustream-openssl ikhubaza ukuxoxisana kokuxhumeka okusekelwe ku-TLSv1.2 nezinguqulo zangaphambilini zephrothokholi.
- Usekelo olungeziwe lwemodemu ye-Quectel EC200T-EU kuphakheji ye-comgt-ncm.
- Insiza ye-umbim ivumela ukuzulazula nokuxhumeka ngamanethiwekhi ozakwethu.
- Usekelo lwamamodi e-HE (Wifi 6), amadivayisi amasha (MT7921AU, MT7986 WiSoC) kanye nama-cipher engeziwe (CCMP-256, GCMP-256) engeziwe kunsiza ye-iwinfo.
Uma ufuna ukwazi kabanzi ngayo mayelana nemininingwane efakwe kulokhu kukhishwa okusha kwe-firmware OpenWrt 22.03.3 ungabheka imininingwane ekushicilelweni kwasekuqaleni Kulesi sixhumanisi esilandelayo.
Landa inguqulo entsha ye-OpenWrt 22.03.3
Ukwakhiwa kwale nguqulo entsha kulungiselelwe amapulatifomu ahlukene angama-35, lapho kungatholwa khona amaphakheji wokuvuselela kusuka kusixhumanisi esingezansi.