10 vulnerabilities in the Xen hypervisor

Information has been published about 10 vulnerabilities in the Xen hypervisor. Five of them (CVE-2019-17341, CVE-2019-17342, CVE-2019-17340, CVE-2019-17346, CVE-2019-17343) potentially allow an attacker to escape the current guest environment and escalate privileges; one (CVE-2019-17347) allows an unprivileged process to gain control over the processes of other users in the same guest system; the remaining four (CVE-2019-17344, CVE-2019-17345, CVE-2019-17348, CVE-2019-17351) can cause a denial of service (a crash of the host environment). The issues are fixed in the Xen 4.12.1, 4.11.2 and 4.10.4 releases.

  • CVE-2019-17341 - the ability to gain access at the hypervisor level from a guest system controlled by the attacker. The problem appears only on x86 systems and can be triggered by guests running in paravirtualization (PV) mode when a new PCI device is attached to a running guest system. The vulnerability does not appear in guest systems running in HVM and PVH modes;
  • CVE-2019-17340 - a memory leak that potentially allows escalating privileges or gaining access to data from other guest systems.
    The problem appears only on hosts with more than 16 TB of RAM on 64-bit systems and 168 GB on 32-bit systems.
    The vulnerability can be exploited only from guest systems in PV mode (it does not appear in HVM and PVH modes when working through libxl);

  • CVE-2019-17346 - a vulnerability in the use of PCID (Process Context Identifiers) to improve the performance of the protection against
    Meltdown attacks allows access to data from other guests and potentially privilege escalation. The vulnerability can be exploited only from guests in PV mode on x86 systems (the problem does not occur in HVM and PVH modes, nor in configurations that have no guests with PCID enabled; PCID is enabled by default);

  • CVE-2019-17342 - a problem in the implementation of the XENMEM_exchange hypercall allows privilege escalation in environments with only one guest system. The vulnerability can be exploited only from guest systems in PV mode (it does not appear in HVM and PVH modes);
  • CVE-2019-17343 - an incorrect mapping in the IOMMU makes it possible, when a guest system has access to a physical device, to use DMA to modify its own memory page tables and gain access at the host level. The vulnerability appears only in guest systems in PV mode that have the rights to pass through PCI devices.
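
The conditions listed above can be turned into a quick exposure check for a host inventory. The following is an added example, not code from the Xen project or the original article; it covers only the five guest-escape CVEs whose conditions are stated above. The inventory field names (`xen`, `arch`, `bits`, `ram_bytes`, `type`, `pcid`, `pci_passthrough`) are hypothetical, guests are assumed to be managed through libxl, and release branches not named above are reported as "unknown".

```python
import re

# Fixed releases named on the page, keyed by release branch.
FIXED = {(4, 12): 1, (4, 11): 2, (4, 10): 4}
GB, TB = 1024 ** 3, 1024 ** 4

def patch_status(version):
    """Return 'fixed', 'vulnerable', or 'unknown' (branch not listed on the page)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        return "unknown"
    branch, patch = (int(m[1]), int(m[2])), int(m[3] or 0)
    if branch not in FIXED:
        return "unknown"
    return "fixed" if patch >= FIXED[branch] else "vulnerable"

def applicable_cves(host, guests):
    """Map guest name -> guest-escape CVEs whose conditions on the page it meets."""
    if patch_status(host["xen"]) == "fixed":
        return {}
    ram_limit = 16 * TB if host["bits"] == 64 else 168 * GB
    report = {}
    for g in guests:
        if g["type"] != "pv":            # HVM and PVH guests are skipped for all five
            continue
        cves = ["CVE-2019-17342"]        # reported for any PV guest (conservative)
        if host["arch"] == "x86":
            cves.append("CVE-2019-17341")    # PCI device attached to a running PV guest
            if g.get("pcid", True):          # PCID is on by default
                cves.append("CVE-2019-17346")
        if host["ram_bytes"] > ram_limit:
            cves.append("CVE-2019-17340")
        if g.get("pci_passthrough", False):
            cves.append("CVE-2019-17343")
        report[g["name"]] = sorted(cves)
    return report

if __name__ == "__main__":
    # Constructed sample inventory, not data from the page.
    host = {"xen": "4.11.1", "arch": "x86", "bits": 64, "ram_bytes": 512 * GB}
    guests = [
        {"name": "db-pv", "type": "pv", "pci_passthrough": True},
        {"name": "web-hvm", "type": "hvm"},
    ]
    for name, cves in applicable_cves(host, guests).items():
        print(name, ", ".join(cves))
```

A host on an "unknown" branch is still evaluated against the guest conditions, so the report errs toward flagging rather than clearing it.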

source: budenet.ru
