Ebipụtala ihe ndozi nke ngwugwu 4.15.5, 4.14.12 na 4.13.17, na-ewepụ adịghị ike 3. Ihe ọghọm kachasị dị ize ndụ (CVE-2021-44142) na-enye ohere ka onye na-awakpo dịpụrụ adịpụ mebie koodu aka ike na ikike mgbọrọgwụ na sistemụ na-agba ụdị Samba adịghị ike. Enyere nsogbu ahụ ọkwa ogo nke 9.9 n'ime 10.
Enweghị ike a na-egosipụta onwe ya naanị mgbe ejiri modul vfs_fruit VFS nwere paramita ndabara (fruit:metadata=netatalk ma ọ bụ fruit:resource=file), nke na-enye ọkwa ọzọ nke ndakọrịta na ndị ahịa macOS ma na-eme ka sistemụ faịlụ dịkwuo mma. sava Netatalk 3 AFP. Nsogbu a na-akpata site na mmụba nke ihe nchekwa na koodu nyocha maka metadata agbatịkwuru (EA, xattr), nke na-eme mgbe emepere faịlụ na smbd. Iji mee mwakpo, onye ọrụ ga-enwerịrị ike ide ihe na njirimara agbatịkwuru nke faịlụ ahụ, ọ bụ ezie na onye ọrụ ọbịa nwekwara ike ime mwakpo ahụ ma ọ bụrụ na ha nwere ohere ide ihe.
Enwere ike ịchọta mmelite nke ngwugwu na nkesa na peeji ndị a: Debian, Ubuntu, RHEL, SUSE, Fedora, Arch, FreeBSD. Dịka ụzọ isi dozie nsogbu a, ị nwere ike iwepụ modulu "mkpụrụ" na ndepụta "vfs objects" na smb.conf.
Ihe ọghọm abụọ fọdụrụnụ:
- Ọdịmma CVE-2022-0336 na-enye onye ọrụ Samba AD DC ohere iṅomi ọrụ ọzọ yana igbochi okporo ụzọ a na-agwa ọrụ a. Iji wakpo, onye ọrụ ga-enwerịrị ikike ịgbanwe njirimara aha aha ọrụ dị na akaụntụ ahụ.
- Ihe ọghọm CVE-2021-44141 nwere ike ị nweta ozi gbasara ịdị adị nke faịlụ na akwụkwọ ndekọ aha na mpaghara FS na mpụga nkebi Samba ebupụ. A na-eme mwakpo ahụ site na iji njikọ ihe atụ.
isi: opennet.ru
