Muaj qhov tsis zoo (CVE-2023-4692) tau pom nyob rau hauv tus tsav tsheb uas txhawb nqa NTFS cov ntaub ntawv system hauv GRUB2 bootloader. Qhov tsis zoo no tso cai rau kev ua tiav ntawm cov lej tshwj xeeb ntawm qib bootloader thaum nkag mus rau cov duab system tshwj xeeb. Qhov tsis zoo no tuaj yeem raug siv los hla lub tshuab UEFI Secure Boot uas tau txheeb xyuas.
Qhov tsis muaj zog no yog tshwm sim los ntawm qhov yuam kev hauv cov lej txheeb xyuas rau NTFS tus cwj pwm "$ATTRIBUTE_LIST" (grub-core/fs/ntfs.c), uas tuaj yeem siv los sau cov ntaub ntawv tswj hwm los ntawm tus neeg siv mus rau qhov chaw nco sab nraum lub buffer uas tau muab faib. Thaum ua cov duab NTFS tshwj xeeb, qhov overflow ua rau overwrite ib feem ntawm GRUB nco thiab, nyob rau hauv qee qhov xwm txheej, ua rau lub cim xeeb firmware UEFI puas tsuaj, tej zaum yuav tso cai rau kev ua tiav cov lej ntawm bootloader lossis firmware theem.
Ntxiv mus, lwm qhov tsis muaj zog (CVE-2023-4693) tau pom nyob rau hauv NTFS tsav tsheb hauv GRUB2. Qhov tsis muaj zog no tso cai rau kev nyeem cov ntsiab lus ntawm lub cim xeeb thaum txheeb xyuas cov yam ntxwv "$DATA" hauv daim duab NTFS tshwj xeeb. Ntawm lwm yam, qhov tsis muaj zog no tso cai rau kev rho tawm cov ntaub ntawv rhiab heev uas khaws cia hauv lub cim xeeb lossis kev txiav txim siab ntawm EFI cov nqi hloov pauv.
Cov teeb meem tsuas yog tau daws los ntawm kev kho kom raug xwb. Cov xwm txheej ntawm kev kho qhov tsis muaj zog hauv kev faib tawm tuaj yeem soj ntsuam ntawm cov nplooj ntawv no: Debian, Ubuntu, SUSE, RHEL, Fedora. Kev kho cov teeb meem GRUB2 xav tau ntau tshaj li kev hloov kho pob khoom xwb; nws kuj xav tau tsim cov kos npe digital sab hauv tshiab thiab hloov kho cov installers, bootloaders, kernel packages, fwupd firmware, thiab cov txheej shim.
Feem Ntau LinuxCov kev faib tawm rau kev kuaj xyuas khau raj hauv UEFI Secure Boot hom siv ib txheej shim me me, kos npe los ntawm Microsoft. Txheej no txheeb xyuas GRUB2 nrog nws daim ntawv pov thawj, tshem tawm qhov xav tau rau cov neeg tsim khoom faib tawm kom ceeb toom rau Microsoft txog txhua lub kernel thiab GRUB hloov tshiab. Qhov tsis muaj zog hauv GRUB2 tso cai rau kev ua tiav cov lej tom qab kev kuaj xyuas shim tiav, tab sis ua ntej lub operating system khau raj. Qhov no tso cai rau cov neeg tawm tsam nkag mus rau hauv txoj saw ntawm kev ntseeg siab thaum Secure Boot tau qhib thiab tau txais kev tswj hwm tag nrho ntawm cov txheej txheem khau raj tom ntej, piv txwv li, khau raj lwm OS, hloov kho cov khoom ntawm lub operating system, lossis hla Lockdown kev tiv thaiv.
Txhawm rau thaiv qhov tsis muaj zog yam tsis tas yuav rho tawm cov kos npe digital, cov kev faib tawm tuaj yeem siv SBAT (UEFI Secure Boot Advanced Targeting) mechanism, kev txhawb nqa uas tau siv rau GRUB2, shim, thiab fwupd hauv feem ntau cov kev faib tawm nrov. LinuxSBAT tau tsim los ntawm kev koom tes nrog Microsoft thiab muaj kev ntxiv cov metadata ntxiv rau cov ntaub ntawv executable ntawm UEFI component, suav nrog cov ntaub ntawv hais txog lub chaw tsim khoom, cov khoom, cov khoom, thiab version. Cov metadata no tau kos npe digitally thiab tuaj yeem suav nrog cais rau hauv cov npe ntawm cov khoom uas tau tso cai lossis tsis lees paub rau UEFI Secure Boot.
SBAT tso cai rau kev thaiv kev siv cov kos npe digital rau cov lej version ntawm cov khoom ib leeg yam tsis tas yuav rho tawm cov yuam sij Secure Boot. Kev thaiv qhov tsis muaj zog ntawm SBAT tsis tas yuav siv UEFI Certificate Revocation List (dbx), tab sis ua tiav ntawm qib hloov tus yuam sij sab hauv rau kev tsim cov kos npe thiab hloov kho GRUB2, shim, thiab lwm yam khoom siv khau raj uas muab los ntawm cov chaw faib khoom. Ua ntej kev qhia txog SBAT, kev hloov kho UEFI Revocation List (dbx) yog qhov yuav tsum tau ua rau kev thaiv qhov tsis muaj zog tag nrho, vim tias tus neeg tawm tsam, tsis hais lub operating system siv li cas, tuaj yeem siv tus yuam sij khau raj los cuam tshuam UEFI Secure Boot.
Tau qhov twg los: opennet.ru
