Vulnerability in FreeBSD that allows bypassing jail restrictions

Two vulnerabilities have been identified in the jail isolated-environment system developed by the FreeBSD project:

  • CVE-2020-25582 is a vulnerability in the implementation of the jail_attach system call, which is designed to attach external processes to a jail environment. The problem occurs when jail_attach is invoked via the jexec or killall commands, and it allows a privileged process isolated inside the jail to change its root directory and gain full access to all files and directories on the host system.
  • CVE-2020-25581 is a race condition when removing processes via the jail_remove system call. It allows a privileged process running inside a jail to escape removal when the jail is shut down and to gain full access to the system through devfs when a jail is started again with the same root directory, exploiting the window in which devfs is already mounted for the jail but the isolation rules have not yet been applied.

In addition, a vulnerability (CVE-2020-25580) can be noted in the PAM module pam_login_access, which is responsible for processing the login_access file that defines the access rules for users and groups applied when logging into the system (by default, login via the console, sshd and telnetd is permitted). The vulnerability allows login_access restrictions to be bypassed, so that a login succeeds despite the presence of deny rules.

The vulnerabilities have been fixed in the 13.0-STABLE, 12.2-STABLE and 11.4-STABLE branches, as well as in the FreeBSD 12.2-RELEASE-p4 and 11.4-RELEASE-p8 patch releases.

source: budenet.ru
