Vulnerability in the Linux kernel's USB Gadget subsystem, potentially allowing code execution

USB Gadget, the Linux kernel subsystem that provides a programming interface for creating USB client devices and software that simulates USB devices, has a vulnerability (CVE-2021-39685) that can lead to a data leak from the kernel, a crash, or the execution of arbitrary code at kernel level. The attack is carried out by an unprivileged local user through manipulation of various device classes implemented on top of the USB Gadget API, such as rndis, hid, uac1, uac1_legacy and uac2.

The problem has been fixed in the recently published Linux kernel updates 5.15.8, 5.10.85, 5.4.165, 4.19.221, 4.14.258, 4.9.293 and 4.4.295. The problem has not yet been fixed in the distributions (Debian, Ubuntu, RHEL, SUSE, Fedora, Arch). A prototype exploit has been prepared to demonstrate the vulnerability.

The problem is caused by a buffer overflow in the data transfer request handlers of the rndis, hid, uac1, uac1_legacy and uac2 gadget drivers. By exploiting the vulnerability, an unprivileged attacker can gain access to kernel memory by sending a specially crafted control request whose wLength value exceeds the size of the static buffer, for which 4096 bytes are always allocated (USB_COMP_EP0_BUFSIZ). During the attack, an unprivileged process in user space can read or write about 65 KB of data in kernel memory.
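The bounds check that the affected handlers lacked can be modelled in user space as follows. This is an added example, not code from the kernel or from the original article: `parse_setup` and `ep0_safe_length` are hypothetical names, the sample packets are constructed, and the policy of truncating device-to-host replies while refusing oversized host-to-device requests is an assumption of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define USB_COMP_EP0_BUFSIZ 4096 /* static ep0 buffer size named in the text */
#define USB_DIR_IN 0x80          /* bmRequestType bit 7 set: device-to-host */

/* Fields of the 8-byte USB SETUP packet; 16-bit fields are little-endian. */
struct setup_pkt {
    uint8_t bmRequestType, bRequest;
    uint16_t wValue, wIndex, wLength; /* wLength is 16 bits: max 65535 */
};

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Decode raw SETUP bytes. Returns 0 on success, -1 on a short packet. */
int parse_setup(const uint8_t *raw, size_t len, struct setup_pkt *s)
{
    if (raw == NULL || len < 8)
        return -1;
    s->bmRequestType = raw[0];
    s->bRequest = raw[1];
    s->wValue = le16(raw + 2);
    s->wIndex = le16(raw + 4);
    s->wLength = le16(raw + 6);
    return 0;
}

/* Hypothetical helper: bytes a handler may move through the ep0 buffer,
 * or -1 when the request must be refused (stalled) without any copy. */
int ep0_safe_length(const uint8_t *raw, size_t len)
{
    struct setup_pkt s;
    if (parse_setup(raw, len, &s) != 0)
        return -1;
    if (s.wLength <= USB_COMP_EP0_BUFSIZ)
        return s.wLength;
    if (s.bmRequestType & USB_DIR_IN)
        return USB_COMP_EP0_BUFSIZ; /* IN: truncate the reply to the buffer */
    return -1;                      /* OUT: host data would overrun the buffer */
}

int main(void)
{
    /* Constructed sample packets, not captured traffic. */
    const uint8_t out_big[8] = {0x21, 0x09, 0x00, 0x02, 0x00, 0x00, 0xFF, 0xFF};
    const uint8_t in_big[8]  = {0xA1, 0x01, 0x00, 0x01, 0x00, 0x00, 0xFF, 0xFF};
    printf("OUT wLength=65535 -> %d\n", ep0_safe_length(out_big, 8));
    printf("IN  wLength=65535 -> %d\n", ep0_safe_length(in_big, 8));
    return 0;
}
```

Because wLength is a 16-bit field, its largest value is 65535, which is where the "about 65 KB" figure comes from.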

Source: opennet.ru
