Vulnerabilities in PowerDNS Authoritative Server

Updates to the authoritative DNS server PowerDNS Authoritative Server 4.3.1, 4.2.3 and 4.1.14 are available, in which four vulnerabilities have been fixed, two of which could lead to remote code execution by an attacker.

The vulnerabilities CVE-2020-24696, CVE-2020-24697 and CVE-2020-24698 affect the code that implements the GSS-TSIG key exchange mechanism. The problems appear only when PowerDNS is built with GSS-TSIG support ("--enable-experimental-gss-tsig", not used by default) and can be exploited by sending a specially crafted network packet. The two vulnerabilities CVE-2020-24696 and CVE-2020-24698, one of them a race condition, can lead to a crash or to execution of the attacker's code when requests with incorrectly formed GSS-TSIG signatures are processed. The vulnerability CVE-2020-24697 is limited to denial of service. Since the GSS-TSIG code was not used by default, including in distribution packages, and potentially contains other problems, it was decided to remove it entirely in the PowerDNS Authoritative 4.4.0 release.

CVE-2020-17482 can lead to a leak of information from uninitialized process memory, but it occurs only when processing requests from authenticated users who have the ability to add new records to the DNS zones served by the server.
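The conditions above can be turned into an inventory triage check. The following is an added example, not code from PowerDNS or from the original article; the function names, status strings and the `configure_args` input (the build's configure command line, taken from the operator's own build records) are assumptions made for illustration.

```python
import re

# First fixed release per branch, as listed in the article.
FIXED = {(4, 1): 14, (4, 2): 3, (4, 3): 1}
GSS_FLAG = "--enable-experimental-gss-tsig"
GSS_CVES = ["CVE-2020-24696", "CVE-2020-24697", "CVE-2020-24698"]


def parse_version(text):
    """Extract (major, minor, patch) from a string such as '4.3.0'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(p) for p in m.groups())


def triage(version_text, configure_args=""):
    """Return (status, cves_to_review) for one server.

    configure_args: the configure command line of the build (assumption:
    supplied by the operator from build logs or the packaging recipe).
    """
    major, minor, patch = parse_version(version_text)
    branch = (major, minor)
    if branch >= (4, 4):
        # The article only states that the GSS-TSIG code is gone in 4.4.0.
        return "gss-tsig-removed", []
    if branch not in FIXED:
        # The article names no fixed release for this branch.
        return "unknown-branch", []
    if patch >= FIXED[branch]:
        return "fixed", []
    # Needs an authenticated user who can add records to served zones.
    cves = ["CVE-2020-17482"]
    if GSS_FLAG in configure_args:
        # Reachable only in builds with GSS-TSIG support enabled.
        cves += GSS_CVES
    return "update-required", cves


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for ver, args in [("4.3.0", "./configure " + GSS_FLAG), ("4.2.3", "")]:
        print(ver, triage(ver, args))
```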

source: budenet.ru
