Hauv cov tsav tsheb rau Broadcom wireless chips
Cov teeb meem tau txheeb xyuas los ntawm kev rov qab engineering lub Broadcom firmware. Cov chips cuam tshuam tau siv dav hauv laptops, smartphones thiab ntau yam ntawm cov neeg siv khoom siv, los ntawm SmartTVs mus rau Internet ntawm Yam khoom siv. Tshwj xeeb, Broadcom chips yog siv hauv smartphones los ntawm cov tuam txhab xws li Apple, Samsumg thiab Huawei. Nws yog ib qho tseem ceeb uas Broadcom tau ceeb toom txog qhov tsis zoo rov qab rau lub Cuaj Hli 2018, tab sis nws siv sijhawm li 7 lub hlis los tso tawm cov kev txhim kho hauv kev sib koom tes nrog cov tuam txhab tsim khoom.
Ob qhov tsis zoo cuam tshuam rau sab hauv firmware thiab muaj peev xwm tso cai rau kev ua tiav hauv ib puag ncig ntawm kev ua haujlwm siv hauv Broadcom chips, uas ua rau nws tuaj yeem tawm tsam ib puag ncig uas tsis siv Linux (piv txwv li, muaj peev xwm tawm tsam Apple li tau lees paub.
Tsav tsheb vulnerabilities tshwm nyob rau hauv ob qho tib si tus tswv wl tsav tsheb (SoftMAC thiab FullMAC) thiab qhib qhov chaw brcmfmac (FullMAC). Ob qhov tsis txaus siab tau pom nyob rau hauv tus tsav tsheb wl, siv thaum qhov chaw nkag tau xa cov lus tshwj xeeb hauv EAPOL thaum lub sijhawm sib tham sib txuas lus (qhov kev tawm tsam tuaj yeem nqa tawm thaum txuas mus rau qhov chaw tsis zoo). Nyob rau hauv cov ntaub ntawv ntawm ib tug nti nrog SoftMAC, vulnerabilities ua rau muaj kev cuam tshuam ntawm lub system kernel, thiab nyob rau hauv cov ntaub ntawv ntawm FullMAC, cov cai yuav raug tua nyob rau sab firmware. brcmfmac muaj qhov tsis sib xws thiab cov thav duab xyuas qhov yuam kev siv los ntawm kev xa cov thav duab tswj. Teeb meem nrog tus tsav tsheb brcmfmac hauv Linux ntsiav
Txheeb xyuas qhov tsis zoo:
- CVE-2019-9503 - tus cwj pwm tsis raug ntawm tus tsav tsheb brcmfmac thaum ua cov txheej txheem tswj tau siv los cuam tshuam nrog lub firmware. Yog hais tias lub thav duab nrog ib qho kev tshwm sim firmware los ntawm ib qho chaw sab nraud, tus neeg tsav tsheb muab pov tseg, tab sis yog tias qhov kev tshwm sim tau txais los ntawm lub tsheb npav sab hauv, tus ncej yog hla. Qhov teeb meem yog tias cov xwm txheej los ntawm cov khoom siv siv USB kis tau los ntawm lub tsheb npav sab hauv, uas tso cai rau cov neeg tawm tsam kom xa cov firmware tswj cov thav ntawv thaum siv wireless adapters nrog USB interface;
- CVE-2019-9500 - Thaum lub "Wake-up on Wireless LAN" feature tau qhib, nws muaj peev xwm ua rau muaj kev cuam tshuam ntau dhau hauv brcmfmac tus neeg tsav tsheb (function brcmf_wowl_nd_results) los ntawm kev xa ib qho tshwj xeeb hloov kev tswj tus ncej. Qhov tsis zoo no tuaj yeem siv los txhim kho cov lej ua tiav hauv qhov system tseem ceeb tom qab cov nti tau raug cuam tshuam los yog ua ke nrog CVE-2019-9503 qhov tsis zoo los hla kev txheeb xyuas thaum muaj kev xa xov ntawm cov chaw taws teeb tswj;
- CVE-2019-9501 - ib qho tsis txaus nyob rau hauv tus tsav tsheb wl (tus wlc_wpa_sup_eapol muaj nuj nqi) uas tshwm sim thaum ua cov lus uas cov chaw tsim khoom cov ntaub ntawv teb cov ntsiab lus tshaj 32 bytes;
- CVE-2019-9502 - Ib qho tsis txaus nyob rau hauv tus tsav tsheb wl (wlc_wpa_plumb_gtk muaj nuj nqi) tshwm sim thaum ua cov lus uas cov chaw tsim khoom cov ntaub ntawv teb cov ntsiab lus tshaj 164 bytes.
Tau qhov twg los: opennet.ru