Vulnerabilities in drivers for Broadcom WiFi chips that allow a system to be attacked remotely

Four vulnerabilities have been identified in the drivers for Broadcom wireless chips. In the simplest case, the vulnerabilities can be used to cause a denial of service, but scenarios cannot be ruled out in which exploits are developed that allow an unauthenticated attacker to execute their code with Linux kernel privileges by sending specially crafted packets.

The problems were identified by reverse engineering the Broadcom firmware. The affected chips are widely used in laptops, smartphones and a variety of consumer devices, from SmartTVs to Internet of Things devices. In particular, Broadcom chips are used in smartphones from manufacturers such as Apple, Samsung and Huawei. It is notable that Broadcom was notified of the vulnerabilities back in September 2018, but it took about 7 months to release fixes in coordination with equipment manufacturers.

Two vulnerabilities affect the internal firmware and potentially allow code to be executed in the environment of the operating system used on Broadcom chips, which makes it possible to attack environments that do not use Linux (for example, the possibility of attacking Apple devices has been confirmed, CVE-2019-8564). Recall that some Broadcom Wi-Fi chips are a specialized processor (ARM Cortex R4 or M3) that runs something like its own operating system with an implementation of its own 802.11 wireless stack (FullMAC). On such chips, the driver handles the interaction between the main system and the Wi-Fi chip firmware. To gain full control over the main system after FullMAC has been compromised, it is proposed to use additional vulnerabilities or, on some chips, to take advantage of access to system memory. On chips with SoftMAC, the 802.11 wireless stack is implemented on the driver side and runs on the system CPU.

The driver vulnerabilities appear both in the proprietary wl driver (SoftMAC and FullMAC) and in the open source brcmfmac driver (FullMAC). Two buffer overflows were found in the wl driver, exploitable when an access point sends specially crafted EAPOL messages during connection negotiation (the attack can be carried out when connecting to a malicious access point). In the case of a chip with SoftMAC, the vulnerabilities lead to compromise of the system kernel, and in the case of FullMAC, code can be executed on the firmware side. brcmfmac contains a buffer overflow and a frame validation error, both exploitable by sending control frames. The problems in the brcmfmac driver in the Linux kernel were fixed in February.

Vulnerabilities identified:

  • CVE-2019-9503 - incorrect behavior of the brcmfmac driver when processing the control frames used to interact with the firmware. If a frame carrying a firmware event arrives from an external source, the driver discards it, but if the event is received over the internal bus, the frame is let through. The problem is that events from devices that use USB are transmitted over the internal bus, which allows attackers to pass firmware control frames when wireless adapters with a USB interface are in use;
  • CVE-2019-9500 - when the "Wake-up on Wireless LAN" feature is enabled, a heap overflow can be triggered in the brcmfmac driver (function brcmf_wowl_nd_results) by sending a specially modified control frame. This vulnerability can be used to achieve code execution on the main system after the chip has been compromised, or in combination with the CVE-2019-9503 vulnerability to bypass the checks when a control frame is sent remotely;
  • CVE-2019-9501 - a buffer overflow in the wl driver (the wlc_wpa_sup_eapol function) that occurs when processing messages in which the content of the vendor information field exceeds 32 bytes;
  • CVE-2019-9502 - a buffer overflow in the wl driver (the wlc_wpa_plumb_gtk function) that occurs when processing messages in which the content of the vendor information field exceeds 164 bytes.
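
An added example, not code from the wl or brcmfmac drivers: a bounds-checked copy of a vendor information element of the kind the last two entries describe, rejecting lengths above the 32-byte and 164-byte limits. The `[id][len][data]` layout, the function name `copy_vendor_ie` and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IE_VENDOR 0xdd      /* 802.11 vendor-specific element ID */
#define VENDOR_CAP_9501 32  /* limit quoted for CVE-2019-9501 */
#define VENDOR_CAP_9502 164 /* limit quoted for CVE-2019-9502 */

/* Walk [id][len][data...] elements in buf and copy the first vendor
 * element's data into dst. Returns bytes copied, 0 if none is present,
 * -1 on a malformed or oversized element (caller should drop the frame). */
int copy_vendor_ie(const uint8_t *buf, size_t n, uint8_t *dst, size_t cap)
{
    size_t off = 0;
    while (n - off >= 2) {
        uint8_t id = buf[off];
        size_t len = buf[off + 1];
        if (len > n - off - 2)
            return -1;      /* length field runs past the received data */
        if (id == IE_VENDOR) {
            if (len > cap)
                return -1;  /* would overflow the fixed-size destination */
            memcpy(dst, buf + off + 2, len);
            return (int)len;
        }
        off += 2 + len;     /* skip elements we do not care about */
    }
    return off == n ? 0 : -1;  /* a stray trailing byte is malformed */
}

int main(void)
{
    /* Constructed sample: one non-vendor element, then a vendor element. */
    uint8_t frame[4 + 2 + 200] = {0x30, 2, 0x01, 0x00, IE_VENDOR, 32};
    uint8_t small[VENDOR_CAP_9501], large[VENDOR_CAP_9502];
    memset(frame + 6, 0x41, 200);

    printf("len 32 into 32:   %d\n", copy_vendor_ie(frame, 6 + 32, small, sizeof small));
    frame[5] = 33;
    printf("len 33 into 32:   %d\n", copy_vendor_ie(frame, 6 + 33, small, sizeof small));
    printf("len 33 into 164:  %d\n", copy_vendor_ie(frame, 6 + 33, large, sizeof large));
    frame[5] = 165;
    printf("len 165 into 164: %d\n", copy_vendor_ie(frame, 6 + 165, large, sizeof large));
    return 0;
}
```

The length byte is attacker-controlled, so it is checked twice: against the bytes actually received and against the capacity of the destination buffer.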

Source: opennet.ru