Remote DoS vulnerability in the FreeBSD IPv6 stack

FreeBSD has fixed a vulnerability (CVE-2019-5611) that allows a kernel crash (packet-of-death) to be triggered by sending specially fragmented ICMPv6 MLD (Multicast Listener Discovery) packets. The problem is caused by the absence of a necessary check in the m_pulldown() call, which can result in non-contiguous mbufs being returned, contrary to the caller's expectations.

The vulnerability is fixed in updates 12.0-RELEASE-p10, 11.3-RELEASE-p3 and 11.2-RELEASE-p14. As a security workaround, you can disable fragmentation support for IPv6 or filter options in the HBH (Hop-by-Hop) header at the firewall. Interestingly, the bug behind the vulnerability was identified back in 2006 and fixed in OpenBSD, NetBSD and macOS, but remained unfixed in FreeBSD, even though the FreeBSD developers were notified of the problem.
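A patch-level check for CVE-2019-5611 against the three fixed versions listed above, as an added example that is not part of the original article or of FreeBSD. The function names are assumptions made for this example, and branches the article does not mention are reported as "unknown" rather than guessed.

```shell
#!/bin/sh
# Added example: classify a FreeBSD version string against the fixed
# patch levels the article gives for CVE-2019-5611.

# fixed_patchlevel BRANCH -> prints the first fixed patch level for that
# branch, or nothing when the article does not list the branch.
fixed_patchlevel() {
    case "$1" in
        12.0) echo 10 ;;
        11.3) echo 3 ;;
        11.2) echo 14 ;;
    esac
}

# check_cve_2019_5611 VERSION -> prints "patched", "vulnerable" or "unknown".
# VERSION has the form printed by freebsd-version, e.g. 11.3-RELEASE-p2.
check_cve_2019_5611() {
    ver=$1
    case "$ver" in
        *-RELEASE-p*) branch=${ver%%-RELEASE*}; plevel=${ver##*-p} ;;
        *-RELEASE)    branch=${ver%%-RELEASE*}; plevel=0 ;;  # no -pN suffix means p0
        *)            echo unknown; return 0 ;;              # STABLE, CURRENT, other
    esac
    # A patch level that is not a plain number cannot be compared.
    case "$plevel" in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    min=$(fixed_patchlevel "$branch")
    if [ -z "$min" ]; then
        echo unknown
    elif [ "$plevel" -ge "$min" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# On a FreeBSD host, check the installed kernel. -k reports the kernel on
# disk, so a reboot is still needed before a freshly installed fix is running.
if command -v freebsd-version >/dev/null 2>&1; then
    v=$(freebsd-version -k)
    echo "$v: $(check_cve_2019_5611 "$v")"
fi
```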

Two more vulnerabilities fixed in FreeBSD are also worth noting:

  • CVE-2019-5603 - overflow of the reference counter for data structures in mqueuefs when 32-bit libraries are used in a 64-bit environment (32-bit compat). The problem appears when mqueuefs, which is not active by default, is enabled, and can lead to access to files, directories and sockets opened by processes belonging to other users, or to access to other files from within a jail. If the user has root access inside the jail, the vulnerability allows root access to be obtained on the host environment side.
  • CVE-2019-5612 - a problem with multi-threaded access to the /dev/midistat device: when a race condition occurs, it can lead to reading memory areas outside the bounds of the buffer allocated for midistat. On 32-bit systems, an attempt to exploit the vulnerability leads to a kernel crash, and on 64-bit systems it makes it possible to discover the contents of arbitrary areas of kernel memory.

Source: opennet.ru
