Eclypsium
Further research showed that these problems also affect the firmware of the BMC controllers used in the Gigabyte Enterprise Servers platform, which is in turn used in servers from companies such as Acer, AMAX, Bigtera, Ciara, Penguin Computing and sysGen. The affected BMCs run vulnerable MergePoint EMS firmware developed by the third-party vendor Avocent (now a division of Vertiv).
The first vulnerability is caused by the absence of cryptographic verification of downloaded firmware updates (only a CRC32 checksum is verified, contrary to
The second vulnerability is in the firmware update code and allows an attacker to substitute their own commands, which are then executed on the BMC with the highest privilege level. To attack, it is enough to change the value of the RemoteFirmwareImageFilePath parameter in the bmcfwu.cfg configuration file, which specifies the path to the firmware image to be installed. During the next update, which can be initiated by a command over IPMI, the BMC processes this parameter and passes it to a popen() call as part of a command line for /bin/sh. Since the shell command string is built with snprintf() without sanitizing special characters, attackers can inject their own code for execution. Exploiting the vulnerability requires privileges that allow sending commands to the BMC controller over IPMI (with administrative rights on the server, IPMI commands can be sent without additional authentication).
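To make the defect concrete, here is an added illustration in C (not code from Eclypsium, Vertiv or the MergePoint EMS firmware): the first function reproduces the described pattern of formatting a configuration value straight into a shell command string with snprintf(), and the remaining functions show the hardened alternative of validating the path against a fixed staging directory and launching the updater with execv(), so no shell ever parses the value. The tool path /usr/bin/flash_tool, the staging directory /var/fwupdate/, and all function names are assumptions chosen for the example.

```c
/* Added example (not the vendor's code). Hypothetical names throughout. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#include <sys/wait.h>

/* The pattern described in the advisory: the path taken from bmcfwu.cfg is
 * formatted into a command string that popen() would hand to "/bin/sh -c".
 * Any shell metacharacter in the value survives into the command line and
 * is interpreted by the shell. Returns 0 on success, -1 on truncation. */
int build_update_cmd_unsafe(char *out, size_t outsz, const char *image_path) {
    int n = snprintf(out, outsz, "/usr/bin/flash_tool -i %s", image_path);
    return (n >= 0 && (size_t)n < outsz) ? 0 : -1;
}

/* Hardened validation: accept only an absolute path under an assumed
 * staging directory, built from a small allow-list of characters, with no
 * "." or ".." components. Returns 1 if acceptable, 0 otherwise. */
int image_path_is_safe(const char *p) {
    const char *prefix = "/var/fwupdate/";       /* assumed staging directory */
    if (p == NULL || strncmp(p, prefix, strlen(prefix)) != 0) return 0;
    size_t len = strlen(p);
    if (len > 255) return 0;
    if (strstr(p, "/../") != NULL || strstr(p, "/./") != NULL) return 0;
    if (len >= 3 && strcmp(p + len - 3, "/..") == 0) return 0;
    for (const unsigned char *c = (const unsigned char *)p; *c; c++) {
        if (!(isalnum(*c) || *c == '/' || *c == '.' || *c == '_' || *c == '-'))
            return 0;
    }
    return 1;
}

/* Safe launch: no shell involved. execv() receives the path as one argv
 * element, so metacharacters are never interpreted. Returns the child's exit
 * status, or -1 if the path was rejected or the process could not start. */
int run_update_safe(const char *tool, const char *image_path) {
    if (!image_path_is_safe(image_path)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)tool, "-i", (char *)image_path, NULL };
        execv(tool, argv);
        _exit(127);                               /* exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Audit aid: does a stored configuration value contain any character that
 * /bin/sh would treat specially? Useful when reviewing bmcfwu.cfg contents. */
int contains_shell_metachar(const char *s) {
    return strpbrk(s, ";|&`$()<>\n'\"\\ ") != NULL;
}

int main(void) {
    /* Constructed sample values, not taken from any real BMC. */
    const char *clean = "/var/fwupdate/bmc.img";
    const char *tampered = "/var/fwupdate/bmc.img; echo injected";
    char cmd[256];
    build_update_cmd_unsafe(cmd, sizeof cmd, tampered);
    printf("unsafe command line: %s\n", cmd);
    printf("clean value accepted: %d\n", image_path_is_safe(clean));
    printf("tampered value accepted: %d\n", image_path_is_safe(tampered));
    printf("metachar audit on tampered value: %d\n", contains_shell_metachar(tampered));
    return 0;
}
```

The audit helper is the piece a defender can reuse directly: a BMC configuration value that should name a file but contains ';', '$(' or backticks is a strong indicator that the parameter has been tampered with ahead of the next IPMI-triggered update.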
Gigabyte and Lenovo were notified of the problems back in July 2018 and managed to release updates before the details were disclosed publicly. Lenovo
On May 8 of this year, Gigabyte released a firmware update for motherboards with the ASPEED AST2500 controller, but, like Lenovo, it fixed only the command injection vulnerability. Vulnerable boards based on the ASPEED AST2400 currently remain without an update. Gigabyte also
Recall that the BMC is a specialized controller installed in servers, with its own CPU, memory, storage and sensor-polling interfaces, that provides a low-level interface for monitoring and managing server hardware. Through the BMC, regardless of the operating system running on the server, one can monitor sensor readings, manage power, firmware and disks, arrange remote booting over the network, keep a router running, and so on.
source: budenet.ru