Buffer overflow vulnerability in OpenSSL when verifying X.509 certificates

A corrective release of the OpenSSL cryptographic library, version 3.0.7, has been published, fixing two vulnerabilities. Both issues cause a buffer overflow in the code that validates the email address field in X.509 certificates and could potentially lead to code execution when processing specially crafted certificates. At the time the fix was published, the OpenSSL developers had not recorded any evidence of a working exploit that leads to execution of attacker code.

Although the pre-announcement of the new release mentioned a critical issue, in the released update the severity of the vulnerability was actually downgraded to "high" rather than "critical". According to the rules adopted by the project, the severity level is lowered if the problem manifests itself only in atypical configurations or if there is a low probability of exploiting the vulnerability in practice.

In this case, the level was lowered because a detailed analysis of the vulnerability by several organizations concluded that the ability to execute code during exploitation is blocked by the stack overflow protection mechanisms used on many platforms. In addition, the stack layout used in some Linux distributions results in the 4 bytes that go out of bounds landing on the next buffer on the stack, which has not yet been used at that point. However, it is possible that there are platforms on which the bug can be used for code execution.

Identified vulnerabilities:

  • CVE-2022-3602 - a vulnerability, initially presented as critical, that causes a 4-byte buffer overflow when checking a field with a specially crafted email address in an X.509 certificate. In a TLS client, the vulnerability can be exploited when connecting to a server controlled by an attacker. On a TLS server, the vulnerability can be exploited if client authentication using certificates is enabled. In this case, the vulnerability manifests itself at the stage after the chain of trust associated with the certificate has been verified, i.e. the attack requires that a certificate authority has signed the attacker's malicious certificate.
  • CVE-2022-3786 is another exploitation vector for the CVE-2022-3602 vulnerability, identified while analysing the problem. The difference comes down to the possibility of overflowing a buffer on the stack by an arbitrary number of bytes containing the "." character (i.e. the attacker cannot control the contents of the overflow, and the problem can only be used to cause an application crash).

The vulnerabilities appear only in the OpenSSL 3.0.x branch (the bug was introduced in the Unicode conversion (punycode) code added to the 3.0.x branch). The OpenSSL 1.1.1 releases, and the OpenSSL forks LibreSSL and BoringSSL, are not affected by the problem. At the same time, the OpenSSL 1.1.1s update was released, which contains only non-security bug fixes.

The OpenSSL 3.0 branch is used in distributions such as Ubuntu 22.04, CentOS Stream 9, RHEL 9, OpenMandriva 4.2, Gentoo, Fedora 36 and Debian Testing/Unstable. Users of these systems are advised to install the updates as soon as possible (Debian, Ubuntu, RHEL, SUSE/openSUSE, Fedora, Arch). In SUSE Linux Enterprise 15 SP4 and openSUSE Leap 15.4, packages with OpenSSL 3.0 are available as an option, while the system packages use the 1.1.1 branch. Debian 11, Arch Linux, Void Linux, Ubuntu 20.04, Slackware, ALT Linux, RHEL 8, OpenWrt, Alpine Linux 3.16 and FreeBSD remain on the OpenSSL 1.1.x branches.
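To turn the affected-branch information above into a quick inventory check, here is an added example (not from the article or the OpenSSL project) that classifies `openssl version` banners: it flags 3.0.x builds older than 3.0.7 and reports 1.1.1x, LibreSSL and BoringSSL as unaffected, as the article states. The sample banners are constructed; the caveat in the comments about distribution backports is an assumption about packaging practice, not something the article covers.

```python
"""Classify `openssl version` banners against the OpenSSL 3.0.7 advisory.

Encodes only what the article states: CVE-2022-3602 / CVE-2022-3786 affect
the 3.0.x branch before 3.0.7; 1.1.1 and the LibreSSL/BoringSSL forks are
not affected. Caveat (assumption): distributions sometimes backport a fix
without bumping the upstream version string, so treat a hit as "confirm
against the distribution's advisory", not as proof of exposure.
"""
import re
from typing import Optional, Tuple

FIXED_30 = (3, 0, 7)  # first fixed release on the 3.0.x branch

# Matches "OpenSSL 3.0.2 15 Mar 2022", "OpenSSL 1.1.1s  1 Nov 2022",
# "LibreSSL 3.5.3"; the trailing letter is the 1.1.1 letter-release suffix.
BANNER_RE = re.compile(r"\b(OpenSSL|LibreSSL|BoringSSL)\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(banner: str) -> Optional[Tuple[str, int, int, int, str]]:
    """Return (library, major, minor, patch, letter) or None if unparseable."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    name, major, minor, patch, letter = m.groups()
    return name, int(major), int(minor), int(patch), letter


def is_affected(banner: str) -> Optional[bool]:
    """True if the banner names an OpenSSL 3.0.x build older than 3.0.7.

    Returns None when the banner cannot be parsed. Any non-3.0 OpenSSL branch
    (including 1.1.1x) and the forks are reported as not affected.
    """
    parsed = parse_version(banner)
    if parsed is None:
        return None
    name, major, minor, patch, _letter = parsed
    if name != "OpenSSL" or (major, minor) != (3, 0):
        return False
    return (major, minor, patch) < FIXED_30


if __name__ == "__main__":
    # Constructed sample banners, e.g. collected from `openssl version` on hosts.
    samples = ["OpenSSL 3.0.2 15 Mar 2022", "OpenSSL 3.0.7 1 Nov 2022",
               "OpenSSL 1.1.1s  1 Nov 2022", "LibreSSL 3.5.3", "not a banner"]
    for s in samples:
        print(f"{s!r}: affected={is_affected(s)}")
```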

source: budenet.ru
