ProHoster > Blog > nkhani zapaintaneti > Kusintha kwa X.Org Server 21.1.10 ndi kukonza zofooka. Kuchotsa chithandizo cha UMS kuchokera ku kernel. Linux

Kusintha kwa X.Org Server 21.1.10 ndi kukonza zofooka. Kuchotsa chithandizo cha UMS kuchokera ku kernel. Linux

Zowongolera za X.Org Server 21.1.10 ndi gawo la DDX (Device-Dependent X) xwayland 23.2.3 zasindikizidwa, zomwe zimatsimikizira kukhazikitsidwa kwa X.Org Server pokonzekera kukhazikitsidwa kwa mapulogalamu a X11 m'malo a Wayland. Zofooka ziwiri zimakhazikika m'mitundu yatsopano. Chiwopsezo choyamba chitha kugwiritsidwa ntchito kuti chiwonjezeke mwayi pamakina omwe seva ya X ikugwira ntchito ngati mizu, komanso kuyika ma code akutali pamasinthidwe omwe amagwiritsa ntchito kuwongolera gawo la X11 kudzera pa SSH kuti mupeze.

Zazindikirika:

  • CVE-2023-6377 - Kusefukira kwa buffer mu chogwirira batani la XKB kumachitika mukasintha zida zolowera zomveka (mwachitsanzo, posintha kuchokera pa touchpad kupita ku mbewa) chifukwa cha kuwerengera kolakwika kwa chidziwitso cha chipangizocho. Seva ya X idapereka kukumbukira kokwanira kwa chogwirira chimodzi cha XKB, osaganizira kuchuluka kwa mabatani pa chipangizo chatsopanocho. Zotsatira zake, pempho losintha ma batani a XKB zidapangitsa kuti deta ilembedwe kudera lomwe lili kunja kwa buffer. Vutoli lakhala likuwonekera kuyambira kutulutsidwa kwa xorg-server-1.6.0 (2009).
  • CVE-2023-6478 Kusefukira kokwanira kumachitika mukatumiza zopempha zopangidwa mwapadera za RRChangeProviderProperty ndi RRChangeOutputProperty. Kusatetezeka kungayambitse kuwerengera deta kuchokera kudera lomwe lili kunja kwa buffer ndikutulutsa zambiri kuchokera mu memory memory. Vutoli limayamba chifukwa chogwiritsa ntchito 32-bit int mumitundu yowerengera kukula, yomwe imatha kusefukira popereka pempho lalikulu. Mavuto akhala akuwonekera kuyambira kutulutsidwa kwa xorg-server-1.4.0 (2004) ndi xorg-server-1.13.0 (2012).

Kuphatikiza apo, tikufuna kuzindikira pempho lochotsa mafoni a ioctl ndi chithandizo cha UMS (Userspace Mode-Setting) kuchokera ku nthambi ya linux-next, yomwe ikupanga kusintha kwa kernel. Linux 6.8. Mawonekedwe a UMS adapangidwa kuti azitha kusintha mawonekedwe a kanema pamlingo wa ogwiritsa ntchito ndipo adagwiritsidwa ntchito m'ma driver akale kwambiri omwe sakuthandizidwanso. Ma driver omwe amapereka mawonekedwe a UMS adachotsedwa mu 2016 ndipo adachotsedwa mu kernel 6.3.

Makamaka, kernel 6.3 idachotsa madalaivala a i810 (makadi akale ophatikizika a Intel 8xx), mga (Matrox GPU), r128 (ATI Rage 128 GPU, kuphatikiza makadi a Rage Fury, XPERT 99 ndi XPERT 128), savage (S3 Savage GPU), sis (Crusty SiS GPU), tdfx (3dfx Voodoo) ndi kudzera (VIA IGP). Popeza palibe zopempha zobwerera kwawo zomwe zalandilidwa kuyambira kuchotsedwa kwa madalaivalawa, mu kernel 6.8 adaganiza zochotsa zida za UMS zomwe zimagwiritsidwa ntchito pamadalaivalawa kuchokera kudongosolo la DRM. Madalaivala omwe amakhalabe amakono akhala akusintha kwanthawi yayitali kuti asinthe makanema amakanema kudzera pa mawonekedwe a KMS (Kernel Mode Setting).

Source: opennet.ru

Gulani kuchititsa kodalirika kwamasamba okhala ndi chitetezo cha DDoS, ma seva a VPS VDS Gulani malo odalirika osungira mawebusayiti okhala ndi chitetezo cha DDoS, ma seva a VPS VDS | ProHoster