Two vulnerabilities in GRUB2 that allow bypassing UEFI Secure Boot

Details have been disclosed of two vulnerabilities in the GRUB2 bootloader that can lead to code execution when a specially crafted font is used and certain Unicode sequences are rendered. The vulnerabilities can be used to bypass the UEFI Secure Boot verification mechanism.

Identified vulnerabilities:

  • CVE-2022-2601 - Buffer overflow in the grub_font_construct_glyph() function when processing specially crafted fonts in pf2 format. It is caused by an incorrect calculation of the max_glyph_size parameter, which results in the allocation of a memory area that is known to be smaller than what is needed to hold the glyphs.
  • CVE-2022-3775 - Out-of-bounds write when rendering certain Unicode sequences with a specially crafted font. The problem is in the font handling code and stems from the lack of proper checks that the glyph's width and height fit within the size of the available bitmap. An attacker can craft input so that the tail of the data is written outside the allocated buffer. It is noted that although the vulnerability is difficult to exploit, escalating the problem to code execution is not ruled out.
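Both bugs belong to one class of defect: a glyph's dimensions come from attacker-controlled font data, the size of the buffer that will hold it is derived from those dimensions, and the copy into that buffer is not checked against the buffer's real extent. The following is an added example written for this page to illustrate that class of defect and the checks that close it; it is not GRUB2's code, and the type and function names (glyph_t, glyph_bytes_narrow, glyph_bytes_checked, glyph_alloc, glyph_blit, glyph_pixel) and the MAX_GLYPH_PIXELS ceiling are invented for the illustration. The narrow sizing routine is kept only to show how a crafted width and height can shrink an allocation; the checked variants widen the multiplication, reject absurd sizes and bounds-check every row of the blit before anything is written.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Upper bound on glyph pixels this example is willing to allocate.
 * An assumption made for the example; GRUB's real limits differ. */
#define MAX_GLYPH_PIXELS (4096u * 4096u)

/* One byte per pixel for clarity; real pf2 glyphs are 1-bit packed bitmaps. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint8_t  bitmap[];          /* width * height bytes follow */
} glyph_t;

/* Bug-class sketch (not GRUB's code): the pixel count is computed in a type
 * too narrow for attacker-controlled width/height, so it silently wraps and
 * any buffer sized from it is smaller than the glyph later copied into it. */
size_t glyph_bytes_narrow(uint32_t width, uint32_t height)
{
    uint16_t pixels = (uint16_t)(width * height);   /* wraps at 65536 */
    return pixels;
}

/* Hardened sizing: widen before multiplying and reject anything above a sane
 * ceiling, so a crafted font cannot shrink the allocation. Returns 0 only on
 * rejection (zero-sized glyphs are rejected too). */
size_t glyph_bytes_checked(uint32_t width, uint32_t height)
{
    uint64_t pixels = (uint64_t)width * (uint64_t)height;
    if (width == 0 || height == 0 || pixels > MAX_GLYPH_PIXELS)
        return 0;
    return (size_t)pixels;
}

/* Allocate a zeroed glyph whose bitmap really is width * height bytes. */
glyph_t *glyph_alloc(uint32_t width, uint32_t height)
{
    size_t bytes = glyph_bytes_checked(width, height);
    if (bytes == 0)
        return NULL;
    glyph_t *g = calloc(1, sizeof(*g) + bytes);
    if (g == NULL)
        return NULL;
    g->width = width;
    g->height = height;
    return g;
}

/* Copy src into dst at (x, y). The whole rectangle is checked against the
 * destination bitmap before any byte is written; this is the check whose
 * absence lets the tail of a glyph land outside the buffer. The subtractions
 * happen only after the operands are known to be ordered, so they cannot wrap. */
int glyph_blit(glyph_t *dst, const glyph_t *src, uint32_t x, uint32_t y)
{
    if (dst == NULL || src == NULL)
        return -1;
    if (x > dst->width || y > dst->height)
        return -1;
    if (src->width > dst->width - x || src->height > dst->height - y)
        return -1;                                  /* would overflow dst */
    for (uint32_t row = 0; row < src->height; row++) {
        memcpy(dst->bitmap + (size_t)(y + row) * dst->width + x,
               src->bitmap + (size_t)row * src->width,
               src->width);
    }
    return 0;
}

/* Pixel lookup with the same bounds discipline; -1 for out-of-range coords. */
int glyph_pixel(const glyph_t *g, uint32_t x, uint32_t y)
{
    if (g == NULL || x >= g->width || y >= g->height)
        return -1;
    return g->bitmap[(size_t)y * g->width + x];
}
```

With a 256 by 256 glyph the narrow computation wraps to zero bytes while the checked one returns 65536, and a 65536 by 65536 glyph is refused outright instead of wrapping; a 4 by 4 glyph blitted at column 6 of an 8-wide bitmap is rejected before the copy rather than spilling two bytes per row past the end. The same three steps (widen, cap, check the rectangle before writing) apply unchanged to 1-bit packed bitmaps, only the byte arithmetic differs.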

The fix has been published as a patch. The status of the fixes in distributions can be checked on these pages: Ubuntu, SUSE, RHEL, Fedora, Debian. Fixing these problems in GRUB2 is not a matter of simply updating the package: new internal digital signatures must be generated, and installers, bootloaders, kernel packages, fwupd firmware and the shim layer must all be updated.

Most Linux distributions use a small shim layer, digitally signed by Microsoft, for verified boot in UEFI Secure Boot mode. This layer verifies GRUB2 with the distribution's own certificate, which spares distribution developers from having every kernel and GRUB update certified by Microsoft. The GRUB2 vulnerabilities allow an attacker to run their own code at the stage after shim has successfully verified the bootloader but before the operating system is loaded: they wedge into the chain of trust with Secure Boot active and gain full control over the rest of the boot process, including booting a different OS, modifying operating system components and bypassing lockdown protection.

To block the vulnerability without revoking the digital signature, distributions can use the SBAT (UEFI Secure Boot Advanced Targeting) mechanism, which is supported by GRUB2, shim and fwupd in most Linux distributions. SBAT was developed jointly with Microsoft and involves adding extra metadata to the executable files of UEFI components, including information about the vendor, product, component and version. This metadata is covered by the digital signature and can be separately added to the lists of allowed or prohibited components for UEFI Secure Boot.

SBAT makes it possible to block the use of a digital signature for particular versions (generations) of a component without revoking the Secure Boot keys. Blocking a vulnerability through SBAT does not require the UEFI certificate revocation list (dbx); instead it is done by replacing the internal key used to generate signatures and by updating GRUB2, shim and the other boot artifacts shipped by the distribution. Before SBAT was introduced, updating the certificate revocation list (dbx, UEFI Revocation List) was a prerequisite for fully blocking a vulnerability, because an attacker, regardless of the operating system in use, could boot from removable media carrying an old, vulnerable but validly signed version of GRUB2 in order to compromise UEFI Secure Boot.
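To make the SBAT decision concrete, here is an added example written for this page (it is not shim's or GRUB2's code) of the generation check that such a policy implies. It assumes the CSV layout of SBAT entries as documented in shim's SBAT.md (component name, generation, vendor, package, version, URL, with a leading "sbat,<format version>,..." line) and a revocation list of "component,minimum generation" pairs under a similar header; the sample .sbat contents and policy (EXAMPLE_SBAT, EXAMPLE_POLICY, including the grub.example entry) are constructed for the illustration, and the function names are the example's own. A binary is refused if any component it declares has a generation below the minimum the policy demands, or if it carries no SBAT metadata at all; malformed policy lines fail closed.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed .sbat contents of a hypothetical bootloader image. Field order
 * follows the SBAT CSV layout: component,generation,vendor,package,version,url.
 * The grub.example entry is invented for this illustration. */
const char *EXAMPLE_SBAT =
    "sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md\n"
    "grub,2,Free Software Foundation,grub,2.06,https://www.gnu.org/software/grub/\n"
    "grub.example,1,Example Distro,grub2,2.06-5,https://example.invalid/\n";

/* Constructed revocation policy: a header line, then component,min_generation.
 * This policy demands grub generation 3 or newer, so the image above is revoked. */
const char *EXAMPLE_POLICY =
    "sbat,1,2022110100\n"
    "grub,3\n";

/* Copy the line starting at p into buf (without the newline) and return a
 * pointer to the start of the next line, or NULL when the text is exhausted. */
static const char *next_line(const char *p, char *buf, size_t buf_len)
{
    if (p == NULL || *p == '\0')
        return NULL;
    const char *nl = strchr(p, '\n');
    size_t len = nl ? (size_t)(nl - p) : strlen(p);
    if (len >= buf_len)
        len = buf_len - 1;              /* truncate over-long lines safely */
    memcpy(buf, p, len);
    buf[len] = '\0';
    return nl ? nl + 1 : p + strlen(p);
}

/* Extract the first two CSV fields (component name, generation).
 * Returns 1 on success, 0 for a malformed line. */
static int parse_entry(const char *line, char *name, size_t name_len,
                       unsigned long *gen)
{
    const char *comma = strchr(line, ',');
    if (comma == NULL || comma == line || (size_t)(comma - line) >= name_len)
        return 0;
    memcpy(name, line, (size_t)(comma - line));
    name[comma - line] = '\0';
    char *end;
    *gen = strtoul(comma + 1, &end, 10);
    if (end == comma + 1 || (*end != ',' && *end != '\0'))
        return 0;                       /* generation must be a number */
    return 1;
}

/* Find the generation a binary's .sbat data declares for `component`. */
static int find_generation(const char *sbat, const char *component,
                           unsigned long *gen)
{
    char line[512], name[128];
    const char *p = sbat;
    while ((p = next_line(p, line, sizeof line)) != NULL) {
        unsigned long g;
        if (parse_entry(line, name, sizeof name, &g) &&
            strcmp(name, component) == 0) {
            *gen = g;
            return 1;
        }
    }
    return 0;
}

/* Apply `policy` to a binary's `sbat` data. Returns 1 if the binary may be
 * loaded, 0 if it is revoked. Fails closed on missing metadata or malformed
 * policy lines. Policy entries naming a component the binary does not
 * declare do not affect it. */
int sbat_allowed(const char *sbat, const char *policy)
{
    if (sbat == NULL || strncmp(sbat, "sbat,", 5) != 0)
        return 0;                       /* no SBAT metadata at all */
    char line[512], name[128];
    const char *p = policy;
    int header = 1;
    while ((p = next_line(p, line, sizeof line)) != NULL) {
        unsigned long min_gen, gen;
        if (header) {                   /* "sbat,<version>,<date>" line */
            header = 0;
            continue;
        }
        if (line[0] == '\0')
            continue;                   /* tolerate blank lines */
        if (!parse_entry(line, name, sizeof name, &min_gen))
            return 0;
        if (find_generation(sbat, name, &gen) && gen < min_gen)
            return 0;                   /* declared generation is revoked */
    }
    return 1;
}
```

The point the check makes visible is that revocation keys on the component's generation number, not on the signing certificate: the same signature stays valid for a rebuilt GRUB2 whose .sbat line says "grub,3", while every image still declaring generation 2, including the old bootable media mentioned above, is refused by firmware carrying the updated policy.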

Source: opennet.ru
