ProHoster > Блог > labaran intanet > Rashin lahani a cikin kernel na Linux wanda zai iya haifar da haɗari ta hanyar aika fakitin UDP
Rashin lahani a cikin kernel na Linux wanda zai iya haifar da haɗari ta hanyar aika fakitin UDP
A cikin Linux kernel gano rauni (CVE-2019-11683), wanda ke ba ku damar haifar da ƙin sabis ta hanyar aika fakitin UDP na musamman (fakitin mutuwa). Matsalar tana haifar da kuskure a cikin mai sarrafa udp_gro_receive_segment (net/ipv4/udp_offload.c) tare da aiwatar da fasahar GRO (Generic Receive Offload) kuma yana iya haifar da lalata abubuwan da ke cikin wuraren ƙwaƙwalwar kernel yayin sarrafa fakitin UDP tare da fakitin sifili. (kayan biya mara komai).
Matsalar tana shafar kwaya kawai 5.0tun da GRO goyon bayan UDP soket ya kasance aiwatar a watan Nuwambar bara kuma kawai ya sami damar shiga sabuwar barga ta kwaya. Fasahar GRO tana ba ku damar haɓaka sarrafa fakiti masu yawa masu shigowa ta hanyar haɗa fakiti da yawa zuwa manyan tubalan waɗanda basa buƙatar sarrafa fakiti daban-daban.
Ga TCP, matsalar ba ta faruwa, tunda wannan ka'ida ba ta goyan bayan tara fakiti ba tare da kaya ba.
An gano matsalar a sakamakon haka использования Tsarin gwajin fuzzing mai sarrafa kansa wanda Google ya kirkira syzbot da analyzer KASAN (KernelAddressSanitizer), da nufin gano kurakurai lokacin aiki tare da ƙwaƙwalwar ajiya da gaskiyar samun damar ƙwaƙwalwar ajiya ba daidai ba, kamar samun damar wuraren ƙwaƙwalwar ajiya da aka 'yantar da sanya lamba a wuraren ƙwaƙwalwar ajiya ba a yi niyya don irin wannan magudi ba.