ProHoster > Блог > xov xwm hauv internet > Qhov tsis muaj zog hauv ksmbd kernel module Linux, cia koj ua koj cov lej nyob deb

Qhov tsis muaj zog hauv ksmbd kernel module Linux, cia koj ua koj cov lej nyob deb

Hauv ksmbd module, uas muaj cov kernel uas twb muaj lawm Linux Muaj kaum plaub qhov tsis zoo tau pom nyob rau hauv kev siv SMB-based file server, plaub ntawm cov no tso cai rau kev ua haujlwm ntawm cov lej deb nrog cov cai kernel. Qhov kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub; lub ksmbd module yuav tsum tau qhib rau ntawm lub system. Cov teeb meem tau muaj txij li kernel 5.15, uas suav nrog ksmbd module. Cov qhov tsis zoo tau kho hauv kernel hloov tshiab 6.3.2, 6.2.15, 6.1.28, thiab 5.15.112. Koj tuaj yeem taug qab cov patches hauv cov kev faib tawm ntawm cov nplooj ntawv hauv qab no: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Gentoo, Arch.

Cov teeb meem tau txheeb xyuas:

  • CVE-2023-32254, CVE-2023-32250, CVE-2023-32257, CVE-2023-32258 - tej thaj chaw deb code execution nrog kernel txoj cai vim tsis muaj cov khoom raug kaw thaum ua cov kev thov sab nraud uas muaj SMB2_TRESSIMB_DISCONNECT, SMB2_TREEMB_DISCONNECT SMB2_CLOSE, uas ua rau muaj kev sib tw siv tau. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32256 - Tshaj tawm cov ntsiab lus ntawm thaj chaw nco nco vim muaj kev sib tw thaum lub sijhawm ua SMB2_QUERY_INFO thiab SMB2_LOGOFF cov lus txib. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32252, CVE-2023-32248 - Chaw taws teeb tsis lees paub ntawm kev pabcuam vim yog NULL pointer dereference thaum ua SMB2_LOGOFF, SMB2_TREE_CONNECT thiab SMB2_QUERY_INFO cov lus txib. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32249 - Muaj peev xwm ntawm kev sib tham hijacking nrog tus neeg siv vim tsis muaj kev sib cais kom raug thaum tuav tus ID kev sib tham hauv ntau hom channel.
  • CVE-2023-32247, CVE-2023-32255 - Kev tsis lees paub ntawm kev pabcuam vim lub cim xeeb xau thaum ua tiav SMB2_SESSION_SETUP cov lus txib. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-2593 yog qhov tsis lees paub ntawm kev pabcuam vim muaj kev ua haujlwm tsis zoo ntawm lub cim xeeb, tshwm sim los ntawm lub cim xeeb tsis ua haujlwm thaum ua cov kev sib txuas tshiab TCP. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32253 Ib qho kev tsis lees paub ntawm kev pabcuam vim muaj kev tsis sib haum xeeb tshwm sim thaum ua cov lus txib SMB2_SESSION_SETUP. Kev tawm tsam tuaj yeem ua tiav yam tsis muaj kev lees paub.
  • CVE-2023-32251 - tsis muaj kev tiv thaiv tawm tsam brute quab yuam.
  • CVE-2023-32246 - Ib tus neeg siv hauv zos uas tau tso cai tshem tawm ksmbd module tuaj yeem ua tiav kev ua tiav ntawm kernel-level code. Linux.

Tsis tas li ntawd, 5 qhov tsis zoo ntxiv tau raug txheeb xyuas hauv pob khoom ksmbd-cov cuab yeej, uas suav nrog cov khoom siv rau kev tswj hwm thiab ua haujlwm nrog ksmbd, raug tua hauv cov neeg siv qhov chaw. Qhov tsis txaus ntshai tshaj plaws (ZDI-CAN-17822, ZDI-CAN-17770, ZDI-CAN-17820, CVE tseem tsis tau muab) tso cai rau cov chaw taws teeb, tsis muaj kev lees paub los tua lawv cov cai nrog cov cai hauv paus. Qhov tsis zoo yog tshwm sim los ntawm qhov tsis muaj kev kuaj xyuas qhov loj ntawm cov ntaub ntawv tau txais sab nraud ua ntej luam nws mus rau qhov tsis nyob hauv WKSSVC qhov kev pabcuam code thiab hauv LSARPC_OPNUM_LOOKUP_SID2 thiab SAMR_OPNUM_QUERY_USER_INFO opcode handlers. Ob qhov tsis zoo ntxiv (ZDI-CAN-17823, ZDI-CAN-17821) tuaj yeem ua rau cov chaw taws teeb tsis lees paub ntawm kev pabcuam yam tsis muaj kev lees paub.

Ksmbd raug txhawb nqa ua ib qho kev ua haujlwm siab, npaj txhij rau Samba, koom ua ke nrog Samba cov cuab yeej thiab cov tsev qiv ntawv raws li qhov xav tau. Kev txhawb nqa rau kev khiav SMB server siv ksmbd module tau muaj nyob rau hauv pob Samba txij li tso tawm 4.16.0. Tsis zoo li tus neeg siv-chaw SMB server, ksmbd muaj txiaj ntsig zoo dua ntawm kev ua tau zoo, kev siv nco, thiab kev koom ua ke nrog cov yam ntxwv kernel siab heev. Cov lej ksmbd tau sau los ntawm Namjae Jeon ntawm Samsung thiab Hyunchul Lee ntawm LG, thiab nws tus neeg saib xyuas kernel yog Steve French ntawm Microsoft, tus neeg saib xyuas ntawm CIFS / SMB2 / SMB3 subsystems hauv kernel. Linux thiab yog ib tug tswv cuab ntev ntawm pab pawg tsim kho Samba, uas tau ua cov txiaj ntsig tseem ceeb rau kev siv SMB / CIFS protocol kev txhawb nqa hauv Samba thiab Linux.

Tsis tas li ntawd, ob qhov tsis zoo tuaj yeem raug sau tseg hauv vmwgfx cov duab tsav tsheb, siv los siv 3D acceleration hauv VMware ib puag ncig. Thawj qhov tsis zoo (ZDI-CAN-20292) tso cai rau tus neeg siv hauv zos nce lawv cov cai hauv lub cev. Qhov tsis zoo yog vim tsis muaj kev kuaj xyuas lub xeev ntawm qhov tsis ua ntej tso nws thaum ua haujlwm vmw_buffer_object, uas tuaj yeem ua rau hu rau ob npaug rau kev ua haujlwm pub dawb. Qhov thib ob qhov tsis zoo (ZDI-CAN-20110) ua rau muaj qhov xau ntawm cov ntsiab lus ntawm lub cim xeeb vim qhov ua yuam kev hauv kev teeb tsa lub xauv ntawm GEM cov khoom.

Tau qhov twg los: opennet.ru

Yuav txhim khu kev qha hosting rau cov chaw nrog DDoS tiv thaiv, VPS VDS servers 🔥 Yuav lub vev xaib hosting txhim khu kev qha nrog kev tiv thaiv DDoS, VPS VDS servers | ProHoster