Ụlọ ọrụ Eclypsium
Nnyocha ọzọ gosipụtara na nsogbu ndị a na-emetụtakwa firmware nke ndị na-ahụ maka BMC ejiri na Gigabyte Enterprise Servers server platforms, nke a na-ejikwa na sava sitere na ụlọ ọrụ dịka Acer, AMAX, Bigtera, Ciara, Penguin Computing na sysGen. Ndị na-ahụ maka BMC nwere nsogbu jiri ngwa ngwa MergePoint EMS na-adịghị ike mebere site n'aka onye na-ere ahịa Avocent nke atọ (ugbu a nkewa nke Vertiv).
Ihe ọghọm nke mbụ kpatara ya bụ enweghị nkwenye cryptographic nke mmelite firmware ebudatara (naanị CRC32 checksum nkwenye ka a na-eji, megidere ya.
Ihe ọghọm nke abụọ dị na koodu nwelite firmware ma na-enye gị ohere iji dochie iwu nke gị, nke a ga-egbu na BMC yana oke ikike. Iji wakpo, o zuru ezu iji gbanwee uru nke RemoteFirmwareImageFilePath parameter na bmcfwu.cfg nhazi faịlụ, site na nke a na-ekpebi ụzọ nke onyinyo nke firmware emelitere. N'oge mmelite na-esote, nke enwere ike ịmalite site na iwu dị na IPMI, BMC ga-edozi oke a ma jiri ya dịka akụkụ nke oku popen() dịka akụkụ nke ahịrị maka / bin/sh. Ebe ọ bụ na a na-emepụta ahịrị maka ịmepụta iwu shei site na iji snprintf() oku na-enweghị nhicha nke ọma nke mkpụrụedemede pụrụ iche, ndị na-awakpo nwere ike dochie koodu ha maka igbu. Iji jiri adịghị ike, ị ga-enwerịrị ikike nke ga-enye gị ohere izipu iwu na njikwa BMC site na IPMI (ọ bụrụ na ị nwere ikike nchịkwa na sava ahụ, ị nwere ike izipu iwu IPMI na-enweghị nkwenye ọzọ).
A mara ọkwa Gigabyte na Lenovo maka nsogbu ndị ahụ laa azụ na Julaị 2018 wee jisie ike wepụta mmelite tupu ekpughere ozi ahụ n'ihu ọha. Ụlọ ọrụ Lenovo
Na Mee 8 nke afọ a, Gigabyte weputara mmelite firmware maka nne na nna ya na njikwa ASPEED AST2500, mana dị ka Lenovo, ọ doziri adịghị ike nnọchi iwu. bọọdụ ndị na-adịghị ike dabere na ASPEED AST2400 na-anọgide na-enweghị mmelite ugbu a. Gigabyte kwa
Ka anyị cheta na BMC bụ onye njikwa pụrụ iche arụnyere na sava, nke nwere CPU nke ya, ebe nchekwa, nchekwa na oghere ntuli aka sensọ, nke na-enye ọkwa dị ala maka nlekota na ijikwa ngwa nkesa. Iji BMC, n'agbanyeghị agbanyeghị sistemụ arụmọrụ na-agba ọsọ na ihe nkesa, ị nwere ike nyochaa ọnọdụ nke sensọ, jikwaa ike, femụwe na diski, hazie ime booting na netwọk, hụ na ọrụ nke a remote access console, wdg.
isi: opennet.ru