Nthawi ino mndandandawo umangowonjezera zovuta zomwe zimachitika chifukwa chofikira malo okumbukira omwe adamasulidwa kale (ogwiritsa ntchito-opanda) kapena kutsogola kutayikira kwa data kuchokera ku kukumbukira kwa kernel. Nkhani zomwe zingagwiritsidwe ntchito kuletsa ntchito sizikuphatikizidwa mu lipotilo. Zowonongeka zitha kugwiritsidwa ntchito ngati zida za USB zokonzedwa mwapadera zalumikizidwa ndi kompyuta. Kukonzekera kwamavuto onse omwe atchulidwa mu lipotilo akuphatikizidwa kale mu kernel, koma ena sanaphatikizidwe mu lipotilo.
Zowopsa kwambiri zogwiritsa ntchito pambuyo paulere zomwe zingayambitse kupha kwa code of attacker zachotsedwa mu adutux, ff-memless, ieee802154, pn533, hiddev, iowarrior, mcba_usb ndi madalaivala a yurex. CVE-2019-19532 imatchulanso zovuta 14 mu madalaivala a HID obwera chifukwa cha zolakwika zomwe zimalola kulemba kunja kwa malire. Mavuto adapezeka mu ttusb_dec, pcan_usb_fd ndi pcan_usb_pro madalaivala omwe amatsogolera kutayikira kwa data kuchokera ku kernel memory. Vuto (CVE-2019-19537) chifukwa chamtundu wamtundu wadziwika mu code stack ya USB yogwirira ntchito ndi zida zamakhalidwe.
Mukhozanso kuzindikira
Source: opennet.ru