Netfilter, tsarin kernel na Linux da ake amfani dashi don tacewa da canza fakitin cibiyar sadarwa, yana da rauni (ba a sanya CVE ba) wanda zai iya bawa mai amfani da gida damar aiwatar da lambar matakin kwaya da haɓaka gatansu akan tsarin. Masu bincike sun nuna wani amfani wanda ya ba da damar mai amfani da gida ya zama tushen a cikin Ubuntu 22.04 tare da kernel 5.15.0-39-generic. Da farko, an shirya buga bayanai game da raunin a ranar 15 ga Agusta, amma saboda kwafin wasiƙar tare da samfurin yin amfani da shi zuwa jerin aikawasiku na jama'a, an ɗage takunkumin da aka sanya na bayyana bayanan.
Matsalar ta kasance tun lokacin da aka saki kernel na 5.8 kuma ana haifar da shi ta hanyar buffer ambaliya a cikin lambar don sarrafa jerin saiti a cikin nf_tables module saboda rashin ingantaccen cak a cikin nft_set_elem_init aikin. Kwaron yana cikin canji wanda ke faɗaɗa wurin ajiya don jerin abubuwan zuwa 128 bytes.
Harin yana buƙatar samun dama ga nftables, waɗanda za a iya samu a cikin keɓantaccen sunan cibiyar sadarwa (fassarar sunan cibiyar sadarwa) idan kuna da haƙƙoƙin CLONE_NEWUSER, CLONE_NEWNS ko CLONE_NEWNET (misali, idan kuna iya gudanar da wani keɓaɓɓen akwati). Gyaran bai wanzu ba tukuna. Don toshe cin gajiyar rashin ƙarfi a cikin tsarin al'ada, ya kamata ku tabbatar da cewa ikon ƙirƙirar wuraren suna ta masu amfani marasa gata ya lalace ("sudo sysctl -w kernel.unprivileged_userns_clone=0").
source: budenet.ru