N'ime isi ya Linux Achọpụtala adịghị ike (CVE-2022-24122) na mmachi njikwa koodu rlimit na oghere aha onye ọrụ dị iche iche, na-enye ohere maka mmụba nke ihe ùgwù. Nsogbu a na-apụta ìhè site na kernel. Linux 5.14 ma a ga-edozi ya na mmelite 5.16.5 na 5.15.19. Alaka ndị kwụsiri ike Debian, Ubuntu, SUSE/openSUSE na RHEL anaghị emetụta nsogbu ahụ, mana ọ na-apụta na Fedora na Arch kernels kachasị ọhụrụ Linux.
Ewebatara ahụhụ ahụ na mgbanwe agbakwunyere n'oge ọkọchị nke 2021 nke na-agbanwe mmejuputa nke ụfọdụ counter RLIMIT iji usoro “ucounts”. Ihe "ucounts" emebere maka RLIMIT gara n'ihu na-eji mgbe ebe nchekwa ekenyela ha ka ahapụchara (eji ya emechaa n'efu) mgbe ahapụrụ aha ha jikọtara ya na ha, nke mere ka o kwe omume iji nweta mkpochapụ koodu na ọkwa kernel.
Iji onye ọrụ na-enweghị ihe ùgwù eme ihe ga-ekwe omume naanị ma ọ bụrụ na enyere ohere ịnweta aha njirimara onye ọrụ na-enweghị ihe ùgwù na sistemụ ahụ, nke ndabara na-eme ka ọ rụọ ọrụ. Ubuntu na Fedora, mana anaghị arụ ọrụ na Debian na RHEL. Dịka ụzọ isi gbochie adịghị ike ahụ, ị nwere ike gbanyụọ ohere enweghị ohere ịnweta aha onye ọrụ: sysctl -w kernel.unprivileged_userns_clone=0
isi: opennet.ru
