Andrey Konovalov los ntawm Google 15 qhov tsis zoo hauv USB tsav tsheb muaj nyob rau hauv Linux ntsiav. Qhov no yog qhov thib ob ntawm cov teeb meem pom thaum lub sij hawm sim fuzzing - hauv 2017, tus kws tshawb fawb no Muaj 14 qhov tsis txaus ntseeg ntxiv hauv USB pawg. Cov teeb meem tuaj yeem siv tau thaum tshwj xeeb npaj cov khoom siv USB txuas nrog lub computer. Kev tawm tsam tuaj yeem ua tau yog tias muaj lub cev nkag mus rau cov cuab yeej thiab tuaj yeem ua rau tsawg kawg yog lub pob tawg, tab sis lwm yam kev tshwm sim tsis tuaj yeem txiav tawm (piv txwv li, rau qhov kev tawm tsam zoo sib xws hauv xyoo 2016. hauv USB tsav snd-usbmidi ua tiav kom ua tiav cov cai ntawm qib kernel).
Ntawm 15 qhov teeb meem, 13 twb tau kho nyob rau hauv qhov tseeb Linux kernel hloov tshiab, tab sis ob qhov tsis zoo (CVE-2019-15290, CVE-2019-15291) nyob twj ywm unfixed nyob rau hauv qhov tseeb tso tawm 5.2.9. Unpatched vulnerabilities tuaj yeem ua rau NULL pointer dereferences hauv ath6kl thiab b2c2 tsav tsheb thaum tau txais cov ntaub ntawv tsis raug ntawm lub cuab yeej. Lwm qhov tsis zoo muaj xws li:
- Nkag mus rau qhov chaw nco tau tso tseg (siv-tom qab-dawb) hauv cov tsav tsheb v4l2-dev / xov tooj cua-raremono, dvb-usb, suab / core, cpia2 thiab p54usb;
- Muab ob npaug rau-dawb nco hauv rio500 tsav tsheb;
- NULL pointer dereferences hauv yurex, zr364xx, siano/smsusb, sisusbvga, line6/pcm, motu_microbookii thiab line6 drivers.
Tau qhov twg los: opennet.ru