ProHoster > Блог > ozi ịntanetị > PixieFAIL - adịghị ike na ngwugwu netwọọdụ firmware UEFI ejiri maka buut PXE

PixieFAIL - adịghị ike na ngwugwu netwọọdụ firmware UEFI ejiri maka buut PXE

Achọpụtala adịghị ike itoolu na firmware UEFI dabere na TianoCore EDK2 mepere emepe, nke a na-ejikarị na sistemụ sava, nke akpọrọ PixieFAIL. Ọdịmma dị na nchịkọta firmware netwọk ejiri iji hazie buut netwọk (PXE). Ọdịmma kachasị dị ize ndụ na-enye ohere ka onye na-awakpo akọwaghị ya mebie koodu dịpụrụ adịpụ na ọkwa firmware na sistemụ na-enye ohere ịgbatị PXE n'elu netwọk IPv9.

Nsogbu ndị dị ntakịrị na-ebute ịgọnarị ọrụ (igbochi akpụkpọ ụkwụ), ntapu ozi, nsị cache DNS, na nkwụsị oge TCP. Enwere ike iji ọtụtụ adịghị ike site na netwọk mpaghara, mana enwere ike ịwakpo ụfọdụ adịghị ike site na netwọk mpụga. Ihe omume mwakpo a na-ahụkarị na-agbadata iji nyochaa okporo ụzọ na netwọkụ mpaghara yana izipu ngwugwu ahaziri ahazi mgbe achọpụtara ọrụ metụtara booting sistemụ site na PXE. Achọghị ịnweta ihe nkesa nbudata ma ọ bụ ihe nkesa DHCP. Iji gosi usoro mbuso agha, ebipụtala ihe njiri mara ihe.

A na-eji firmware UEFI dabere na TianoCore EDK2 n'ọtụtụ nnukwu ụlọ ọrụ, ndị na-eweta igwe ojii, ebe data na ụyọkọ mgbakọ. Karịsịa, a na-eji modul NetworkPkg na-adịghị ike nwere mmejuputa akpụkpọ ụkwụ PXE na ngwa ngwa mepụtara ARM, Insyde Software (Insyde H20 UEFI BIOS), American Megatrends (AMI Apio OpenEdition), Phoenix Teknụzụ (SecureCore), Intel, Dell na Microsoft (Project Mu). ). Ekwenyere na adịghị ike ndị ahụ na-emetụta ikpo okwu ChromeOS, nke nwere ngwugwu EDK2 na ebe nchekwa, ma Google kwuru na ejighị ngwugwu a na ngwa ngwa maka Chromebooks na ChromeOS ikpo okwu adịghị emetụta nsogbu ahụ.

Achọpụtara adịghị ike:

  • CVE-2023-45230 - Ihe nkpuchi na-ejupụta na koodu ndị ahịa DHCPv6, na-erigbu site na ịgafe ogologo ogologo NJ sava (Nhọrọ NJ sava).
  • CVE-2023-45234 - A na-ejubiga ihe ókè mgbe ị na-ahazi nhọrọ na ihe nkesa DNS gafere na ozi na-ekwupụta ọnụnọ nke sava DHCPv6.
  • CVE-2023-45235 - Nchekwa oke oke mgbe ị na-ahazi nhọrọ NJ nkesa na ozi ọkwa ọkwa proxy DHCPv6.
  • CVE-2023-45229 bụ integer underflow na-eme n'oge nhazi nke IA_NA/IA_TA nhọrọ na DHCPv6 ozi na-akpọsa ihe nkesa DHCP.
  • CVE-2023-45231 Mwepu data na-apụ apụ na-eme mgbe ị na-ahazi ozi ND Redirect (Nchọpụta Agbata Obi) nwere ụkpụrụ nhọrọ mpịaji.
  • CVE-2023-45232 Akara enweghị ngwụcha na-eme mgbe ị na-atụgharị nhọrọ ndị amabeghị na nkụnye eji isi mee Nhọrọ Nhọrọ.
  • CVE-2023-45233 loop enweghị ngwụcha na-eme mgbe ị na-atụgharị nhọrọ PadN na nkụnye eji isi mee.
  • CVE-2023-45236 - Ojiji nke mkpụrụ osisi usoro TCP nwere ike ịtụ anya iji kwe ka njikọ TCP wedge.
  • CVE-2023-45237 - Iji ihe na-emepụta nọmba pseudo-random enweghị ntụkwasị obi nke na-emepụta ụkpụrụ amụma.

Edebere adịghị ike ndị a na CERT/CC na Ọgọst 3, 2023, na ụbọchị ngosi a haziri maka Nọvemba 2. Agbanyeghị, n'ihi mkpa maka ntọhapụ ahaziri ahazi n'ofe ọtụtụ ndị na-ere ahịa, eweghachitere ụbọchị mwepụta ahụ azụ na Disemba 1, wee laghachi azụ na Disemba 12 na Disemba 19, 2023, mana ekpughere ya na Jenụwarị 16th, 2024. N'otu oge ahụ, Microsoft rịọrọ ka yigharịa mbipụta ozi ruo Mee.

isi: opennet.ru

Tinye a comment