Umcwaningi wezokuphepha nguGitHub wazise muva nje ukhombe ukuba sengozini (CVE-2020-16125) ku-GNOME Display Manager (GDM), ebhekele ukubonisa isikrini sokungena ngemvume.
Kuhlanganiswe nokunye ukuba sengozini kusevisi yokulandelela i-akhawunti (ama-akhawunti-daemon), inkinga ivumela ikhodi ukuthi isebenze njengezimpande. Ukuba sengozini kuhlotshaniswa nokwethulwa okungalungile kwensiza yokuqala yokumisa uma kungenakwenzeka ukufinyelela insiza yedayemon ye-akhawunti nge-DBus.
Mayelana nokuba sengozini
Umsebenzisi ongenalungelo angahle aphazamise inqubo ye-akhawunti-daemon noma avale ucingo, yini ezodala izimo yokusetshenziswa kwe-gnome-initial-setup okuzoqhutshwa kusuka ku-GDM, lapho umsebenzisi omusha angabhalisa njengelungu leqembu le-Sudo, okungukuthi, anamandla wokuqalisa izinhlelo njengezimpande.
Ngokuvamile I-GDM ibiza i-gnome-initial-setup ukusetha umsebenzisi wokuqala uma kungekho ama-akhawunti ohlelweni. Ukuqinisekiswa kobukhona bama-akhawunti kwenziwa ngokuxhumana nama-akhawunti-daemon. Uma inqubo ebekiwe ihluleka, i-GDM ithatha ukuthi ama-akhawunti alahlekile bese iqala inqubo yokuqala yokumisa.
Umcwaningi uthole izindlela ezimbili zokuphazamisa inqubo yama-daemon-account- Eyokuqala (i-CVE-2020-16126) ingenxa yokusetha kabusha ilungelo elingalungile nephutha lesibili (i-CVE-2020-16127) ngenkathi kucutshungulwa ifayela le- ".pam_envelo".
Futhi, kutholakale obunye ubungozi kuma-daemon-akhawunti (I-CVE-2018-14036) kubangelwe amasheke endlela yefayela angalungile nokuvumela okuqukethwe kwefayela okungqubuzanayo ukuthi kufundwe ohlelweni.
Ukuba sengozini kuma-akhawunti-daemon kubangelwa ushintsho olwenziwe ngonjiniyela be-Ubuntu futhi aluveli kukhodi yama-akhawunti-daemon eyinhloko yephrojekthi yeFreeDesktop nephakeji le-Debian.
Udaba lwe-CVE-2020-16127 lukhona ku-patch engezwe ku-Ubuntu esebenzisa is_in_pam_envelo function, efunda okuqukethwe yifayela le-.pam_envelo kusuka enkombeni yasekhaya yomsebenzisi. Uma ubeka isixhumanisi esingokomfanekiso ku- / dev / zero esikhundleni saleli fayela, inqubo ye-daemon ye-akhawunti ilenga kwimisebenzi yokufunda engapheli futhi iyeke ukuphendula izicelo nge-DBus.
Akuvamile ukuba sengozini ohlelweni lokusebenza lwesimanje kube lula ukusizakala. Kwezinye izikhathi, ngibhale izinkulungwane zemigqa yekhodi ukuxhaphaza ukuba sengozini.
Iningi lokuxhaphaza kwesimanje lifaka amaqhinga ayinkimbinkimbi, njengokusebenzisa ubungozi benkohlakalo yememori ukuze uchithe izinto ezingamanga enqwabeni, noma ukufaka esikhundleni ifayela nge-symlink ukunemba kwe-microsecond ukuxhaphaza ukuba sengozini kwe-TOCTOU.
Ngakho-ke kulezi zinsuku kuyaqabukela ukuthola ukuba sengozini okungadingi amakhono wokukhipha ukuze usizakale. Ngicabanga nokuthi ukuba sengozini kulula ukukuqonda, noma ngabe awunalo ulwazi lwangaphambilini lokuthi uBuntu usebenza kanjani noma unolwazi kanjani ocwaningweni lwezokuphepha.
Ukuba sengozini kwe-CVE-2020-16126 kubangelwa esinye isichibi esetha kabusha amalungelo omsebenzisi wamanje ngenkathi kucubungulwa ezinye izingcingo ze-DBus (ngokwesibonelo, org.freedesktop.Accounts.User.SetLanguage).
Inqubo ye-daemon ye-akhawunti isebenza ngokujwayelekile njengezimpande, evimbela umsebenzisi ojwayelekile ekuthumeleni amasiginali.
Kepha ngenxa yesiqephu esingeziwe, amalungelo wenqubo angasetwa kabusha futhi umsebenzisi angaqeda le nqubo ngokuthumela isignali. Ukwenza ukuhlasela, mane nje udale izimo zokususa amalungelo (RUID) bese uthumela isignali ye-SIGSEGV noma ye-SIGSTOP kunqubo ye-daemon ye-akhawunti.
Umsebenzisi uqeda iseshini yokuqhafaza bese eya kukhonsoli yombhalo (Ctrl-Alt-F1).
Ngemuva kokuphela kweseshini yokuqhafaza, i-GDM izama ukubonisa isikrini sokungena ngemvume, kepha ilenga lapho izama ukuthola impendulo kuma-akhawunti-daemon.
Izimpawu ze-SIGSEGV ne-SIGCONT zithunyelwa zisuka kukhonsoli ziye kwinqubo yedayemon ye-akhawunti, ibangele ukuthi ilenga.
Ungathumela futhi amasiginali ngaphambi kokuphuma kweseshini yokuqhafaza, kepha kufanele ukwenze ngokubambezeleka ukuze ube nesikhathi sokuqeda iseshini nangaphambi kokuba isignali ithunyelwe, i-GDM ibe nesikhathi sokuqala.
Isicelo ku-daemon yama-akhawunti ku-GDM sehluleka futhi i-GDM ibiza insiza ye-gnome-initial-setup, ekusebenzelana nayo okwanele ukudala i-akhawunti entsha.
Ukuba sengozini kulungiswe ku-GNOME 3.36.2 naku-3.38.2. Ukusetshenziswa kobungozi kuqinisekisiwe ku-Ubuntu nakwizithako zayo.
Umthombo: https://securitylab.github.com