Vulnerability in OpenBSD's ld.so

The dynamic loader ld.so, which is part of OpenBSD, can under certain conditions leave the LD_LIBRARY_PATH environment variable in place for SUID/SGID applications, thereby allowing third-party code to be loaded in the context of a process running with elevated privileges. Patches that fix the vulnerability are available for releases 6.5 and 6.6. Binary patches (syspatch) for the amd64, i386 and arm64 platforms have already gone into production and should be available for download by the time this news item is published.

The problem is that ld.so first retrieves the LD_LIBRARY_PATH variable from the environment and uses the _dl_split_path() function to convert it into an array of strings, the directory paths. If it later turns out that the current process was started by a SUID/SGID application, the created array and the LD_LIBRARY_PATH variable itself are cleared. However, if _dl_split_path() runs out of memory (which is difficult because of the 256 KB limit on the size of environment variables, but theoretically possible), the _dl_libpath variable is set to NULL, and the subsequent check of this variable's value causes the _dl_unsetenv("LD_LIBRARY_PATH") call to be skipped.
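The control flow described above, modelled as an added example that is not OpenBSD's source code: the one-variable environment, the fail_alloc switch and the survives_* function names are constructed for illustration. The hardened variant, which clears the variable whatever the parse result, is an assumed form of the correction, not the published patch.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model, NOT OpenBSD source: a one-variable environment. */
static char env_value[64];   /* "" means LD_LIBRARY_PATH is unset */
static int fail_alloc;       /* constructed switch that simulates out-of-memory */

/* Stand-in for _dl_split_path(): returns NULL when allocation fails. */
static char *split_path(const char *v)
{
    if (v[0] == '\0' || fail_alloc)
        return NULL;
    char *copy = malloc(sizeof(env_value));
    if (copy != NULL)
        snprintf(copy, sizeof(env_value), "%s", v);
    return copy;
}

/* Flawed cleanup: the unset is gated on the parse result. */
int survives_flawed(const char *value, int setugid, int oom)
{
    snprintf(env_value, sizeof(env_value), "%s", value);
    fail_alloc = oom;
    char *libpath = split_path(env_value);   /* models _dl_libpath */
    if (setugid && libpath != NULL)          /* NULL on OOM: cleanup skipped */
        env_value[0] = '\0';                 /* models _dl_unsetenv() */
    free(libpath);                           /* free(NULL) is a no-op */
    return env_value[0] != '\0';             /* 1 = variable still set */
}

/* Hardened cleanup (assumed form): unset regardless of the parse result. */
int survives_fixed(const char *value, int setugid, int oom)
{
    snprintf(env_value, sizeof(env_value), "%s", value);
    fail_alloc = oom;
    char *libpath = split_path(env_value);
    if (setugid)
        env_value[0] = '\0';                 /* always cleared for SUID/SGID */
    free(libpath);
    return env_value[0] != '\0';
}

int main(void)
{
    printf("flawed, OOM: %d\n", survives_flawed("/tmp/lib", 1, 1));
    printf("fixed,  OOM: %d\n", survives_fixed("/tmp/lib", 1, 1));
    return 0;
}
```

The general lesson for code review is that a security-relevant cleanup step should not be conditional on the success of an unrelated allocation.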

The vulnerability was discovered by specialists, as were several previously mentioned issues. The security researchers who identified the vulnerability noted how quickly the problem was resolved: a fix was prepared and updates were released within three hours of the OpenBSD project receiving the notification.

Addendum: The issue has been assigned the identifier CVE-2019-19726. An announcement has been published on the oss-security mailing list, which includes a prototype exploit that works on OpenBSD 6.6, 6.5, 6.2 and 6.1 on the amd64 and i386 architectures (the exploit can be adapted to other architectures). The vulnerability is exploitable in the default installation and allows an unprivileged local user to execute code with root privileges by substituting a library when running the suid utilities chpass or passwd. To create the low-memory conditions needed for exploitation, the RLIMIT_DATA limit is set via setrlimit.

Source: opennet.ru
