Inguqulo ezinzile ye-OpenWrt 22.03.3 iyafika

Darkcrizt

Imizuzu ye-4

I-OpenWrt

I-OpenWrt ukusatshalaliswa kweLinux okusekelwe ku-firmware eshumekwe kumadivayisi afana namarutha omuntu siqu.

Ukukhishwa kwenguqulo entsha ezinzile ye-OpenWrt 22.03.3 kusanda kumenyezelwa, inguqulo iza namaphutha ahlukahlukene okuyi-Busybox, i-dnsmasq nezinye izilungiso ezigqamayo, ngaphezu kwalokhu, okunye ukuthuthukiswa kokusekelwa kule nguqulo entsha nakho kuyagqama.

Kulabo abangayazi i-OpenWrt, kufanele ukwazi lokho lokhu kusatshalaliswa kweLinux okwenzelwe ukusetshenziswa kumadivayisi wenethiwekhi ahlukahlukenenjengama-routers nezindawo zokufinyelela.

I-OpenWrt isekela amapulatifomu amaningi ahlukahlukene nezakhiwo futhi inohlelo lokwakha olukuvumela ukuthi uhlanganise kalula futhi kalula, kufaka phakathi izinto eziningi ku-Assembly, okwenza kube lula ukudala i-firmware elungele ukusetshenziswa noma isithombe sediski esenzelwe imisebenzi ethile ngesethi oyifunayo yamaphakeji pre- ifakiwe.

Izindaba eziyinhloko ze-OpenWrt 22.03.3

Kule nguqulo entsha ethulwa kusuka ku-OpenWrt 22.03.3 kuvezwa ukuthuthukiswa kwezingxenye ezihlukahlukene zesistimu, esingayithola izinguqulo ezibuyekeziwe ze-Linux kernel 5.10.161 (inguqulo yengeza isitaki esingenantambo se-mac80211 esifakwe kunguqulo engu-5.15.81), i-strace 5.19, i-mbedtls 2.28.2, openssl 1.1.1s, wolfssl 5.5.4, util-linux 2.37.4, firewall4 2022-10-18, odhcpd 2023-01-02, uhttpd 2022-10-31, iwinfo 2022-12-15, ucode 2022-12-02.

Kanye ne-Linux Kernel kuyashiwo futhi ukuthi bangeze amaphakheji emojula ye-kernel entsha: i-kmod-sched-prio, i-kmod-sched-red, i-kmod-sched-act-polisi, i-kmod-sched-act-ipt, i-kmod-sched- pie, kmod-sched-drr, kmod-sched-fq-pie, kmod-sched-act-sample, kmod-nvme, kmod-phy-marvell, kmod-hwmon-sht3x, kmod-netconsole, kanye ne-kmod-btsdio.

Engxenyeni ye- ukuthuthukiswa kosekelo Singathola kule nguqulo entsha ukwesekwa kwe-Ruckus ZoneFlex 7372/7321, ZTE MF289F, TrendNet TEW-673GRU, Linksys EA4500 v3 kanye ne-Wavlink WS-WN572HP3 4G amadivayisi wengeziwe.

Ngaphezu kwalokhu, singathola futhi ukuthi ku-D-Link DIR-825 B1 izilungiselelo zesithombe sesistimu yefekthri kanye nezimpande ezinwetshiwe zengeziwe. Ngokuzenzakalelayo, i-firmware ye-chip ye-Broadcom 4366b1 yengezwe ekwakhiweni kwe-Asus RT-AC88U.

Mayelana nokulungiswa, singathola ukuthi inkinga yokuqalisa kabusha iluphu uma usebenzisa i-LZMA bootloader kumadivayisi NETGEAR EX6150, HiWiFi HC5962, ASUS RT-N56U B1, Belkin F9K1109v1, D-Link DIR-645, isixazululiwe. D-Link. I-DIR-860L B1, i-NETIS WF2881 ne-ZyXEL WAP6805.

Kuphinde kuphawulwe ukuthi inkinga yokwabela amakheli e-WAN MAC kumadivayisi we-UniElec U7621-01, UniElec U7621-06, TP-Link AR7241, TP-Link TL-WR740N, TP-Link TL-WR741ND v4, Telton230 I-Luma i-WOR329 Home. -XNUMXACN.

Of ubuthakathaka obugxilile kuyakhulunywa

  • I-CVE-2022-30065: i-busybox: Lungisa ukusebenzisa ngemva kwamahhala ku-Busybox 1.35-x's
    awu applet
  • I-CVE-2022-0934: dnsmasq: Lungisa ukubhala/ukusetshenziswa kwebhayithi eyodwa okungakhethi.
    ukwehluleka kokuthunyelwe kwamahhala kuseva ye-dnsmasq DHCPv6
  •  I-CVE-2022-1304: i-e2fsprogs: ukuba sengozini yokufunda/ukubhala ngaphandle kwemingcele
    itholwe ku-e2fsprogs 1.46.5
  • CVE-2022-47939: kmod-ksmbd: ZDI-22-1690: Linux Kernel ksmbd Use -
    Ukuba Sengozini Yokusebenzisa Ikhodi Ekude Ngemva Kwamahhala
  • I-CVE-2022-46393: i-mbedtls: lungisa ukufundwa kwebhafa yenqwaba engaba khona futhi
    Bhala ngaphezulu
  • I-CVE-2022-46392: i-mbedtls: isitha esikwazi ukufinyelela idatha enembe ngokwanele
    ulwazi mayelana nokufinyelela kwimemori lungathola ukhiye oyimfihlo we-RSA
  • I-CVE 2022-42905: wolfssl: Esimeni lapho i-WOLFSSL_CALLBACKS
    i-macro isethwe lapho kwakhiwa i-wolfSSL, kuningi okungenzeka ngakho
    I-5-byte ifundwe lapho uphatha ukuxhumana kweklayenti le-TLS 1.3.

Of ezinye izinguquko okugqamile:

  • Kumadivayisi we-Youku YK-L2 kanye ne-YK-L1, i-initramfs-kernel.bin ingafakwa kusetshenziswa isixhumi esibonakalayo sewebhu somkhiqizi.
  • I-D-Link DGS-1210-10P isekela izinkinobho ezengeziwe nezinkomba ze-LED.
  • Umshayeli we-USB wengeziwe kumhlangano we-AVM FRITZ!Box 7430.
  • Isilawuli somsindo sengezwe kumhlangano we-HAOYU Electronics MarsBoard A10.
    I-Linksys EA6350v3, EA8300, MR8300, kanye namadivayisi we-WHW01 angabuyekeza i-firmware ngaphandle kwebhokisi.
    Kulungiswe ukuphahlazeka ebhuthini nge-firewall4 kanye nefayela lokulayisha.
  • Kungezwe amafayela e-firmware we-mt7916 kanye namadivayisi we-mt7921.
  • Iphakheji ye-ustream-openssl ikhubaza ukuxoxisana kokuxhumeka okusekelwe ku-TLSv1.2 nezinguqulo zangaphambilini zephrothokholi.
  • Usekelo olungeziwe lwemodemu ye-Quectel EC200T-EU kuphakheji ye-comgt-ncm.
  • Insiza ye-umbim ivumela ukuzulazula nokuxhumeka ngamanethiwekhi ozakwethu.
  • Usekelo lwamamodi e-HE (Wifi 6), amadivayisi amasha (MT7921AU, MT7986 WiSoC) kanye nama-cipher engeziwe (CCMP-256, GCMP-256) engeziwe kunsiza ye-iwinfo.

Uma ufuna ukwazi kabanzi ngayo mayelana nemininingwane efakwe kulokhu kukhishwa okusha kwe-firmware OpenWrt 22.03.3 ungabheka imininingwane ekushicilelweni kwasekuqaleni Kulesi sixhumanisi esilandelayo.

Landa inguqulo entsha ye-OpenWrt 22.03.3

Ukwakhiwa kwale nguqulo entsha kulungiselelwe amapulatifomu ahlukene angama-35, lapho kungatholwa khona amaphakheji wokuvuselela kusuka kusixhumanisi esingezansi.


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Unomthwalo wemfanelo ngedatha: AB Internet Networks 2008 SL
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.