Vulnerability in OpenBSD's ld.so

The dynamic loader ld.so, included with OpenBSD, may under certain conditions leave the LD_LIBRARY_PATH environment variable in place for a SUID/SGID application and thus allow third-party code to be loaded in the context of a process running with elevated privileges. Patches that fix the vulnerability are available for releases 6.5 and 6.6. Binary patches (syspatch) for the amd64, i386 and arm64 platforms have already been produced and should be available for download by the time this news item is published.

The essence of the problem: at startup, ld.so first extracts the value of the LD_LIBRARY_PATH variable from the environment and, using the _dl_split_path() function, converts it into an array of strings, the paths to directories. If it later turns out that the current process was started by a SUID/SGID application, the created array and the LD_LIBRARY_PATH variable itself are cleared. However, if _dl_split_path() runs out of memory (which is difficult because of the explicit 256 kB limit on the size of environment variables, but theoretically possible), the _dl_libpath variable receives the value NULL, and the subsequent check of that variable's value causes the call to _dl_unsetenv("LD_LIBRARY_PATH") to be skipped.
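The check order described above, as an added C model that is not OpenBSD's source and not part of the original article. The names `split_path`, `sanitize` and `variable_survives`, the `simulate_oom` switch and the sample path are assumptions made for illustration; the hardened branch shows one way to close the gap, by dropping the variable for any set-id process regardless of the split result.

```c
/* Model of the logic described above; every name is hypothetical, not ld.so source. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int simulate_oom;  /* constructed stand-in for memory exhaustion */

/* Split "a:b" into a NULL-terminated array; returns NULL on allocation failure. */
static char **split_path(const char *value) {
    if (value == NULL || simulate_oom) return NULL;
    size_t n = 1, len = strlen(value), i = 0;
    for (const char *p = value; *p; p++) n += (*p == ':');
    char **out = calloc(n + 1, sizeof *out);
    char *buf = malloc(len + 1);
    if (!out || !buf) { free(out); free(buf); return NULL; }
    memcpy(buf, value, len + 1);
    out[i++] = buf;
    for (char *p = buf; *p; p++)
        if (*p == ':') { *p = '\0'; out[i++] = p + 1; }
    return out;
}

static void free_path(char **path) { if (path) { free(path[0]); free(path); } }

/* *var == NULL means "unset". Returns 1 if the variable is still set afterwards.
 * hardened == 0: cleanup is gated on the split result (the flawed order).
 * hardened == 1: a set-id process always drops the variable. */
static int sanitize(const char **var, int is_setid, int hardened) {
    char **libpath = split_path(*var);
    if (is_setid && (hardened || libpath != NULL)) {
        free_path(libpath);
        libpath = NULL;
        *var = NULL;  /* models the unsetenv call; flawed form skips it on OOM */
    }
    free_path(libpath);
    return *var != NULL;
}

/* Run one scenario on a constructed value, optionally simulating out-of-memory. */
int variable_survives(int is_setid, int oom, int hardened) {
    const char *var = "/tmp/constructed:/usr/lib";  /* constructed sample */
    simulate_oom = oom;
    int survived = sanitize(&var, is_setid, hardened);
    simulate_oom = 0;
    return survived;
}

int main(void) {
    printf("flawed, set-id, OOM:   survives=%d\n", variable_survives(1, 1, 0));
    printf("hardened, set-id, OOM: survives=%d\n", variable_survives(1, 1, 1));
    return 0;
}
```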

The vulnerability was found by technical specialists, as were several previously disclosed problems. The security researchers who identified the vulnerability noted how quickly the problem was resolved: a patch was prepared and updates were released within three hours after the OpenBSD project received the notification.

Addendum: The problem has been assigned the identifier CVE-2019-19726. An advisory has been published on the oss-security mailing list, including a prototype exploit that works on OpenBSD 6.6, 6.5, 6.2 and 6.1 on the amd64 and i386 architectures (the exploit can be adapted to other architectures). The problem is exploitable in the default installation and allows an unprivileged local user to execute code as root through library substitution when running the chpass or passwd suid utilities. To create the low-memory conditions needed for exploitation, the RLIMIT_DATA limit is set via setrlimit.

Source: opennet.ru
