Masu haɓaka FreeBSD sun yanke shawara a cikin sabon reshe na FreeBSD 13, wanda ake tsammanin za a sake shi a ranar 13 ga Afrilu, don sanya tashar jiragen ruwa don gine-ginen ARM64 (AArch64) matsayin dandamali na farko (Tier 1). A baya can, an ba da irin wannan matakin goyon baya ga tsarin 64-bit x86 (har zuwa kwanan nan, i386 gine-gine shine gine-gine na farko, amma a cikin Janairu an canza shi zuwa mataki na biyu na goyon baya).
Matakin tallafi na farko ya haɗa da ƙirƙirar taron shigarwa, sabuntawar binary da fakitin da aka shirya, da kuma samar da garanti don magance takamaiman matsaloli da kiyaye ABI mara canzawa don yanayin mai amfani da kernel (ban da wasu ƙananan tsarin). Matakin farko ya faɗo ƙarƙashin goyon bayan ƙungiyoyin da ke da alhakin kawar da lahani, shirya sakewa da kuma kula da tashar jiragen ruwa.
Bugu da ƙari, za mu iya lura da kawar da lahani uku a cikin FreeBSD:
- CVE-2021-29626 Tsarin gida mara gata yana iya karanta abubuwan da ke cikin ƙwaƙwalwar kernel ko wasu matakai ta hanyar yin taswirar shafi na ƙwaƙwalwar ajiya. Lalacewar ta kasance saboda kwaro a cikin tsarin ƙwaƙƙwaran ƙwaƙwalwar ajiya wanda ke ba da damar raba ƙwaƙwalwar ajiya tsakanin matakai, wanda zai iya haifar da ƙwaƙwalwar ajiya don ci gaba da ɗaure zuwa tsari bayan an 'yantar da shafin ƙwaƙwalwar ajiya mai alaƙa.
- CVE-2021-29627 Mai amfani na gida mara gata zai iya haɓaka gatansu akan tsarin ko karanta abubuwan da ke cikin ƙwaƙwalwar kernel. Matsalar tana faruwa ne ta hanyar samun damar ƙwaƙwalwar ajiya bayan an 'yanta ta (amfani-bayan-kyauta) a cikin aiwatar da tsarin tacewa.
- CVE-2020-25584 - Yiwuwar ƙetare hanyar keɓewar Gidan Yari. Mai amfani a cikin akwatin yashi tare da izini don hawa ɓangarori (allow.mount) na iya canza tushen directory zuwa matsayi a wajen tsarin Jail kuma ya sami cikakken karantawa da rubuta damar shiga duk fayilolin tsarin.
source: budenet.ru