Vulnerabilities in the Linux kernel's QoS subsystem that allow privilege escalation on the system.

Two vulnerabilities (CVE-2023-1281, CVE-2023-1829) have been identified in the Linux kernel that allow a local user to escalate their privileges on the system. The attack requires permission to create and modify traffic classifiers, which is available with CAP_NET_ADMIN rights; these can be obtained through the ability to create user namespaces. The problems have been present since kernel 4.14 and are fixed in the 6.2 branch.

The vulnerabilities are caused by access to memory after it has been freed (use-after-free) in the tcindex traffic classifier code, which is part of the QoS (Quality of Service) subsystem of the Linux kernel. The first vulnerability arises from a race condition when updating imperfect hash filters, and the second when deleting a perfect hash filter. You can track the fixes in distributions on the following pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Arch. As a workaround to block exploitation of the vulnerabilities, you can disable the ability of unprivileged users to create user namespaces ("sudo sysctl -w kernel.unprivileged_userns_clone=0").
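To confirm the workaround is in effect on a host, the following added example (not from the article) reads the sysctl named above and reports whether the tcindex classifier module is loaded. The function names, the `user.max_user_namespaces` fallback and the `cls_tcindex` module name are assumptions that do not appear in the article.

```shell
#!/bin/sh
# Added example (not from the article): report whether the sysctl workaround
# is active and whether the tcindex classifier module is currently loaded.

# Print a sysctl file's value, or "absent" when this kernel lacks the knob.
read_knob() {
    if [ -r "$1" ]; then cat "$1"; else echo absent; fi
}

# userns_state CLONE MAXNS
#   CLONE: kernel.unprivileged_userns_clone (the knob the article sets)
#   MAXNS: user.max_user_namespaces (assumption: checked as a fallback on
#          kernels that do not provide the first knob)
userns_state() {
    case "$1:$2" in
        0:*|*:0)       echo blocked ;;
        absent:absent) echo unknown ;;
        *)             echo allowed ;;
    esac
}

# tcindex_state MODULES_FILE: is cls_tcindex listed in /proc/modules?
tcindex_state() {
    if grep -q '^cls_tcindex ' "$1" 2>/dev/null; then
        echo loaded
    else
        echo not-loaded
    fi
}

# audit [PROC_ROOT]: PROC_ROOT defaults to /proc; a constructed tree can be
# passed instead to check the logic offline.
audit() {
    root=${1:-/proc}
    clone=$(read_knob "$root/sys/kernel/unprivileged_userns_clone")
    maxns=$(read_knob "$root/sys/user/max_user_namespaces")
    echo "kernel.unprivileged_userns_clone = $clone"
    echo "user.max_user_namespaces         = $maxns"
    echo "cls_tcindex module               = $(tcindex_state "$root/modules")"
    echo "unprivileged user namespaces     = $(userns_state "$clone" "$maxns")"
}

audit "${1:-/proc}"
```

A `not-loaded` result does not prove the classifier is unavailable, since it can be built into the kernel or loaded on demand.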

source: budenet.ru
