Qhov tsis zoo (CVE-2022-0435) tau raug txheeb xyuas nyob rau hauv Linux ntsiav module uas ua kom muaj kev ua haujlwm ntawm TIPC (Transparent Inter-process Communication) network raws tu qauv, uas muaj peev xwm tso cai rau kev ua tiav ntawm qib kernel los ntawm kev xa cov network tsim tshwj xeeb. pob ntawv. Qhov teeb meem tsuas yog cuam tshuam rau cov tshuab nrog tipc.ko kernel module loaded thiab TIPC pawg teeb tsa, uas feem ntau yog siv hauv pawg thiab tsis tau qhib los ntawm lub neej ntawd ntawm cov tsis tshwj xeeb Linux faib.
Nws tau raug sau tseg tias thaum tsim cov ntsiav hauv "CONFIG_FORTIFY_SRC = y" hom (siv hauv RHEL), uas ntxiv cov ntawv khij ntxiv rau memcpy() muaj nuj nqi, kev ua haujlwm tsuas yog txwv rau kev nres thaum muaj xwm txheej ceev (cov ntsiav ceeb ntshai). Yog tias ua tiav yam tsis muaj kev txheeb xyuas ntxiv thiab yog tias cov ntaub ntawv hais txog cov cim npe canary siv los tiv thaiv cov pawg tau xau, qhov teeb meem tuaj yeem raug siv rau kev ua haujlwm ntawm cov chaw taws teeb nrog cov cai kernel. Cov kws tshawb nrhiav uas tau txheeb xyuas qhov teeb meem thov tias cov txheej txheem kev siv dag zog yog qhov tsis tseem ceeb thiab yuav raug nthuav tawm tom qab kev tshem tawm ntau qhov tsis zoo hauv kev faib khoom.
Qhov tsis zoo yog tshwm sim los ntawm ib pawg overflow uas tshwm sim thaum ua cov pob ntawv, tus nqi ntawm daim teb nrog cov naj npawb ntawm cov tswv cuab ntawm cov npe uas tshaj 64. Txhawm rau khaws cov node tsis nyob rau hauv tipc.ko module, ib qho array ruaj "u32 cov tswv cuab[64 ]β yog siv, tab sis nyob rau hauv tus txheej txheem ntawm kev ua cov teev nyob rau hauv lub pob ntawv Cov node naj npawb tsis xyuas tus nqi ntawm "member_cnt", uas tso cai rau cov nqi ntau dua 64 los siv rau kev tswj overwriting ntawm cov ntaub ntawv nyob rau hauv lub cim xeeb cheeb tsam tom ntej no. mus rau "dom_bef" qauv ntawm pawg.
Cov kab laum ua rau muaj qhov tsis zoo tau tshaj tawm thaum Lub Rau Hli 15, 2016 thiab tau suav nrog hauv Linux 4.8 kernel. Qhov tsis txaus ntseeg tau hais nyob rau hauv Linux kernel tso tawm 5.16.9, 5.15.23, 5.10.100, 5.4.179, 4.19.229, 4.14.266, thiab 4.9.301. Nyob rau hauv cov kernels ntawm feem ntau distributions qhov teeb meem tseem unfixed: RHEL, Debian, Ubuntu, SUSE, Fedora, Gentoo, Arch Linux.
TIPC raws tu qauv yog tsim los ntawm Ericsson, tsim los tsim kev sib txuas lus sib txuas lus hauv ib pawg thiab tau qhib ua haujlwm feem ntau ntawm pawg nodes. TIPC tuaj yeem ua haujlwm dhau Ethernet lossis UDP (network port 6118). Thaum ua haujlwm dhau Ethernet, qhov kev tawm tsam tuaj yeem nqa tawm los ntawm lub network hauv zos, thiab thaum siv UDP, los ntawm lub ntiaj teb network yog tias qhov chaw nres nkoj tsis them los ntawm firewall. Qhov kev tawm tsam kuj tuaj yeem ua los ntawm tus neeg siv hauv zos tsis muaj cai ntawm tus tswv tsev. Txhawm rau qhib TIPC, koj yuav tsum rub tawm tipc.ko kernel module thiab teeb tsa kev khi rau lub network interface siv netlink lossis tipc utility.
Tau qhov twg los: opennet.ru