ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Vulnerabilities nyob rau hauv Linux kernel ksmbd module uas tso cai rau cov chaw taws teeb ua haujlwm

Vulnerabilities nyob rau hauv Linux kernel ksmbd module uas tso cai rau cov chaw taws teeb ua haujlwm

Hauv ksmbd module, uas muaj kev siv cov ntaub ntawv server raws li SMB raws tu qauv tsim rau hauv Linux kernel, 14 qhov tsis zoo tau raug txheeb xyuas, plaub qhov uas tso cai rau ib qho mus rau qhov chaw khiav dej num nrog cov cai kernel. Qhov kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub; nws yog qhov txaus uas ksmbd module tau qhib rau ntawm qhov system. Cov teeb meem tshwm sim pib los ntawm kernel 5.15, uas suav nrog ksmbd module. Cov vulnerabilities tau kho nyob rau hauv kernel hloov tshiab 6.3.2, 6.2.15, 6.1.28 thiab 5.15.112. Koj tuaj yeem taug qab cov kev txhim kho hauv cov kev faib tawm ntawm nplooj ntawv hauv qab no: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Gentoo, Arch.

Cov teeb meem tau txheeb xyuas:

  • CVE-2023-32254, CVE-2023-32250, CVE-2023-32257, CVE-2023-32258 - tej thaj chaw deb code execution nrog kernel txoj cai vim tsis muaj cov khoom raug kaw thaum ua cov kev thov sab nraud uas muaj SMB2_TRESSIMB_DISCONNECT, SMB2_TREEMB_DISCONNECT SMB2_CLOSE, uas ua rau muaj kev sib tw siv tau. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32256 - Tshaj tawm cov ntsiab lus ntawm thaj chaw nco nco vim muaj kev sib tw thaum lub sijhawm ua SMB2_QUERY_INFO thiab SMB2_LOGOFF cov lus txib. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32252, CVE-2023-32248 - Chaw taws teeb tsis lees paub ntawm kev pabcuam vim yog NULL pointer dereference thaum ua SMB2_LOGOFF, SMB2_TREE_CONNECT thiab SMB2_QUERY_INFO cov lus txib. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32249 - Muaj peev xwm ntawm kev sib tham hijacking nrog tus neeg siv vim tsis muaj kev sib cais kom raug thaum tuav tus ID kev sib tham hauv ntau hom channel.
  • CVE-2023-32247, CVE-2023-32255 - Kev tsis lees paub ntawm kev pabcuam vim lub cim xeeb xau thaum ua tiav SMB2_SESSION_SETUP cov lus txib. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-2593 yog qhov tsis lees paub ntawm kev pabcuam vim muaj kev ua haujlwm tsis zoo ntawm lub cim xeeb, tshwm sim los ntawm lub cim xeeb tsis ua haujlwm thaum ua cov kev sib txuas tshiab TCP. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32253 Ib qho kev tsis lees paub ntawm kev pabcuam vim muaj kev tsis sib haum xeeb tshwm sim thaum ua cov lus txib SMB2_SESSION_SETUP. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32251 - tsis muaj kev tiv thaiv tawm tsam brute quab yuam.
  • CVE-2023-32246 Ib tus neeg siv hauv cheeb tsam uas muaj cai tshem tawm ksmbd module tuaj yeem ua tiav cov lej ua tiav ntawm qib Linux kernel.

Tsis tas li ntawd, 5 qhov tsis zoo ntxiv tau raug txheeb xyuas hauv pob khoom ksmbd-cov cuab yeej, uas suav nrog cov khoom siv rau kev tswj hwm thiab ua haujlwm nrog ksmbd, raug tua hauv cov neeg siv qhov chaw. Qhov tsis txaus ntshai tshaj plaws (ZDI-CAN-17822, ZDI-CAN-17770, ZDI-CAN-17820, CVE tseem tsis tau muab) tso cai rau cov chaw taws teeb, tsis muaj kev lees paub los tua lawv cov cai nrog cov cai hauv paus. Qhov tsis zoo yog tshwm sim los ntawm qhov tsis muaj kev kuaj xyuas qhov loj ntawm cov ntaub ntawv tau txais sab nraud ua ntej luam nws mus rau qhov tsis nyob hauv WKSSVC qhov kev pabcuam code thiab hauv LSARPC_OPNUM_LOOKUP_SID2 thiab SAMR_OPNUM_QUERY_USER_INFO opcode handlers. Ob qhov tsis zoo ntxiv (ZDI-CAN-17823, ZDI-CAN-17821) tuaj yeem ua rau cov chaw taws teeb tsis lees paub ntawm kev pabcuam yam tsis muaj kev lees paub.

Ksmbd yog touted raws li kev ua tau zoo, embedded-npaj Samba txuas ntxiv uas koom nrog Samba cov cuab yeej thiab cov tsev qiv ntawv raws li xav tau. Kev them nyiaj yug rau kev khiav SMB server siv ksmbd module tau muaj nyob rau hauv Samba pob txij thaum tso tawm 4.16.0. Tsis zoo li SMB neeg rau zaub mov uas khiav hauv cov neeg siv qhov chaw, ksmbd yog qhov ua tau zoo dua ntawm kev ua haujlwm, kev siv lub cim xeeb, thiab kev koom ua ke nrog cov peev txheej siab tshaj plaws. ksmbd yog coded los ntawm Namjae Jeon ntawm Samsung thiab Hyunchul Lee ntawm LG, thiab khaws cia ua ib feem ntawm cov ntsiav. los ntawm Steve Fab Kis ntawm Microsoft, tus tuav tswj ntawm CIFS / SMB2 / SMB3 subsystems hauv Linux ntsiav thiab ib tus tswv cuab ntev ntev ntawm pab pawg tsim kho Samba, tau ua haujlwm tseem ceeb rau kev siv kev txhawb nqa rau SMB / CIFS raws tu qauv hauv Samba thiab Linux.

Tsis tas li ntawd, ob qhov tsis zoo tuaj yeem raug sau tseg hauv vmwgfx cov duab tsav tsheb, siv los siv 3D acceleration hauv VMware ib puag ncig. Thawj qhov tsis zoo (ZDI-CAN-20292) tso cai rau tus neeg siv hauv zos nce lawv cov cai hauv lub cev. Qhov tsis zoo yog vim tsis muaj kev kuaj xyuas lub xeev ntawm qhov tsis ua ntej tso nws thaum ua haujlwm vmw_buffer_object, uas tuaj yeem ua rau hu rau ob npaug rau kev ua haujlwm pub dawb. Qhov thib ob qhov tsis zoo (ZDI-CAN-20110) ua rau muaj qhov xau ntawm cov ntsiab lus ntawm lub cim xeeb vim qhov ua yuam kev hauv kev teeb tsa lub xauv ntawm GEM cov khoom.

Tau qhov twg los: opennet.ru

Ntxiv ib saib