Vulnerability in Vim that leads to code execution when opening a malicious file

A vulnerability (CVE-2019-12735) has been found in the text editors Vim and Neovim that allows arbitrary code to be executed when a specially crafted file is opened. The problem occurs when the modeline mode (":set modeline"), which is enabled by default, is active; this mode allows editing options to be defined in the file being processed. The vulnerability is fixed in the releases Vim 8.1.1365 and Neovim 0.3.6.

Only a limited set of options can be set through a modeline. If an expression is given as an option value, it is executed in sandbox mode, which permits only the simplest safe operations. The permitted commands nevertheless include the ":source" command, whose "!" modifier can be used to run arbitrary commands from the specified file. Thus, to execute code it is enough to put a construct such as "set foldexpr=execute('\:source! some_file'):" in the modeline. In Neovim, calling execute is forbidden, but assert_fails can be used instead.

For example, to run the "uname -a" command, it is enough to open in Vim or Neovim a file whose first or last line reads:

:!uname -a||" vi:fen:fdm=expr:fde=assert_fails("source\!\\%"): fdl=0:fdt="

The "source! %" command reads commands from the current file and accordingly executes ":!uname -a". Escape sequences can be used to hide this line when the file is printed with the cat utility. For example, in this exploit prototype, opening the file in vim creates a network connection with shell access to the victim's system, yet the file raises no suspicion when it is printed to the terminal with the cat utility.

You can check whether modeline mode is active with the command ":set modeline?". To disable it, add the line "set nomodeline" to vimrc. Among distributions, the problem has been fixed in RHEL, SUSE/openSUSE, Fedora, FreeBSD, Ubuntu, Arch Linux and ALT. The vulnerability remains unpatched in Debian (in Debian, modeline is disabled by default, so the vulnerability does not manifest in the default configuration).
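
A complementary check for files from untrusted sources, as an added example that is not part of the original article: a Python scanner that flags modelines near the start or end of a file that set expression-valued options, plus escape characters of the kind used to hide a line from cat. The option list goes beyond the foldexpr case shown above, the 5-line window assumes Vim's default 'modelines' value, and the function and sample names are illustrative.

```python
import re

# Simplified modeline marker: "vi:", "vim:" or "ex:" at line start or after
# whitespace (version-qualified forms such as "vim>=800:" are not covered).
MODELINE = re.compile(r'(?:^|\s)(?:vi|vim|ex):')
# Options whose value is evaluated as an expression (long and short names).
EXPR_OPT = re.compile(
    r'\b(?:foldexpr|fde|foldtext|fdt|indentexpr|inde|'
    r'formatexpr|fex|includeexpr|inex)\s*=')
# Constructs named in the article as the sandbox escape path.
RISKY_CALL = re.compile(r'\b(?:execute|assert_fails)\s*\(|source\\?!')

def scan(text, modelines=5):
    """Return (line_number, reason) findings for one file's text."""
    lines = text.splitlines()
    n = len(lines)
    # Only the first and last `modelines` lines are considered for modelines.
    window = sorted(set(range(min(modelines, n))) |
                    set(range(max(0, n - modelines), n)))
    findings = []
    for i in window:
        m = MODELINE.search(lines[i])
        if not m:
            continue
        opts = lines[i][m.end():]
        if EXPR_OPT.search(opts):
            reason = "expression option set from modeline"
            if RISKY_CALL.search(opts):
                reason += " with execute/assert_fails/source!"
            findings.append((i + 1, reason))
    # ESC bytes anywhere in the file can hide text when printed to a terminal.
    for i, line in enumerate(lines):
        if "\x1b" in line:
            findings.append((i + 1, "terminal escape sequence"))
    return findings

# Constructed sample inputs; the flagged one uses the construct quoted in the article.
SAMPLE_OK = "#!/bin/sh\n# vim: set ts=4 sw=4 et:\n"
SAMPLE_FLAGGED = "notes\n# vim: set foldexpr=execute('\\:source! some_file'):\n"
SAMPLE_ESC = "visible\x1b[2Khidden\n"

if __name__ == "__main__":
    for name in ("SAMPLE_OK", "SAMPLE_FLAGGED", "SAMPLE_ESC"):
        print(name, scan(globals()[name]))
```

A clean result does not replace updating to a fixed release or setting "set nomodeline"; the scanner only triages files before they are opened.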

Source: opennet.ru
