ProHoster > Блог > ozi ịntanetị > Adịghị ike na ksmbd modul nke Linux kernel, nke na-enye gị ohere ịme koodu gị ozugbo

Adịghị ike na ksmbd modul nke Linux kernel, nke na-enye gị ohere ịme koodu gị ozugbo

Achọpụtala adịghị ike dị oke egwu na modul ksmbd, nke gụnyere mmejuputa nkesa faịlụ dabere na usoro SMB arụnyere n'ime kernel Linux, nke na-enye gị ohere iji ikike kernel mebie koodu gị ozugbo. Enwere ike ịme mwakpo ahụ na-enweghị nkwenye; o zuru ezu na ksmbd modul arụ ọrụ na sistemụ. Nsogbu a na-apụta kemgbe kernel 5.15, ewepụtara na Nọvemba 2021, wee dozie ya nwayọ na mmelite 5.15.61, 5.18.18 na 5.19.2, ewepụtara na Ọgọst 2022. Ebe ọ bụ na e kenyebeghị ihe nchọpụta CVE maka okwu a, ọ nweghị ozi ọ bụla gbasara otu esi edozi nsogbu ahụ na nkesa.

Ekwuputabeghị nkọwa gbasara nrigbu nke adịghị ike ahụ; a maara naanị na ihe ọghọm ahụ na-ebute site na ịnweta ebe nchekwa nke ewepụrụlarị (Jiri-Mgbe-efu) n'ihi enweghị ịlele ịdị adị nke ihe tupu arụ ọrụ. na ya. Nsogbu a bụ n'ihi na ọrụ smb2_tree_disconnect() tọhapụrụ ebe nchekwa e kenyere maka nhazi ksmbd_tree_connect, ma mgbe nke ahụ gasịrị, a ka nwere pointer a na-eji eme ihe mgbe ị na-edozi ụfọdụ arịrịọ mpụga nwere iwu SMB2_TREE_DISCONNECT.

Na mgbakwunye na adịghị ike ahụ a kpọtụrụ aha, edoziwokwa nsogbu 4 dị ize ndụ na ksmbd:

  • ZDI-22-1688 - mkpochapụ koodu dịpụrụ adịpụ na ikike kernel n'ihi koodu nhazi njirimara faịlụ anaghị elele nha data mpụga tupu iṅomi ya na nchekwa raara onwe ya nye. A na-ebelata adịghị ike ahụ site n'eziokwu ahụ bụ na ọ bụ naanị onye ọrụ nwere ike ime mwakpo ahụ.
  • ZDI-22-1691 - ozi dịpụrụ adịpụ sitere na ebe nchekwa kernel n'ihi nlele ndenye ezighi ezi na onye na-ahụ maka iwu SMB2_WRITE (ọ bụ naanị onye ọrụ nwere ike ime mwakpo ahụ).
  • ZDI-22-1687 - ngọnarị nke ọrụ nke ike gwụrụ nke ebe nchekwa dị na sistemụ n'ihi ntọhapụ nke akụrụngwa na-ezighi ezi na onye na-ahụ maka iwu SMB2_NEGOTIATE (enwere ike ịme mwakpo ahụ na-enweghị nkwenye).
  • ZDI-22-1689 - Mkpọka kernel dịpụrụ adịpụ n'ihi enweghị nkwado ziri ezi nke paramita nke iwu SMB2_TREE_CONNECT, na-eme ka a gụọ ya na mpaghara na-abụghị ihe nchekwa (ọ bụ naanị onye ọrụ nwere ike ime mwakpo ahụ).

Nkwado maka iji ihe nkesa SMB na-eji modul ksmbd dị na ngwugwu Samba kemgbe a tọhapụrụ 4.16.0. N'adịghị ka onye ọrụ-oghere SMB nkesa, ksmbd na-arụ ọrụ nke ọma n'ihe gbasara arụmọrụ, oriri ebe nchekwa na njikọta na njirimara kernel dị elu. A na-ahụta Ksmbd dị ka ihe na-arụ ọrụ dị elu, mgbakwunye Samba dị njikere nke jikọtara ya na ngwa Samba na ọba akwụkwọ dịka achọrọ. Namjae Jeon nke Samsung na Hyunchul Lee nke LG dere ksmbd code, na kernel bụ Steve French nke Microsoft na-elekọta ya, onye na-echekwa CIFS/SMB2/SMB3 subsystems na Linux kernel na onye otu ogologo oge na otu mmepe Samba. , onye nyere aka nke ukwuu na mmejuputa nkwado maka usoro SMB/CIFS na Samba na Linux.

isi: opennet.ru

Tinye a comment