Gulu la ofufuza ochokera ku Technical University of Graz (Austria), yomwe kale idadziwika kuti ikupanga zida za MDS, NetSpectre, Throwhammer ndi ZombieLoad, yafalitsa njira yatsopano yowukira mbali (CVE-2021-3714) motsutsana ndi Memory-Deduplication , yomwe imalola kudziwa kukhalapo kwa kukumbukira kwa data ina, kukonza kutayikira kwa zinthu zomwe zili mkati mwa kukumbukira, kapena kudziwa momwe kukumbukira kumadutsa chitetezo cha adilesi yochokera ku randomization (ASLR). Njira yatsopanoyi imasiyana ndi zomwe zidawonetsedwa m'mbuyomu pakuwukira kwa njira yochotsamo pochita kuwukira kuchokera kwa wolandila wakunja pogwiritsa ntchito njira yosinthira nthawi yoyankhira zopempha zomwe zatumizidwa kwa wowukirayo kudzera pa ma protocol a HTTP/1 ndi HTTP/2. Kuthekera kochita chiwembucho kwawonetsedwa kwa ma seva ozikidwa pa Linux ndi Windows.
Zowukira pamakina ochepetsa kukumbukira zimagwiritsa ntchito kusiyana kwa nthawi yopangira ntchito yolemba ngati njira yodutsira zidziwitso munthawi yomwe kusintha kwa data kumabweretsa kupangidwa kwa tsamba lokumbukira lomwe lachotsedwa pogwiritsa ntchito makina a Copy-On-Write (COW) . Panthawi yogwira ntchito, kernel imazindikira masamba okumbukira ofanana kuchokera kumachitidwe osiyanasiyana ndikuphatikiza, ndikujambula masamba amakumbukidwe ofanana m'malo amodzi okumbukira kuti asunge buku limodzi lokha. Pamene imodzi mwa njirazo ikuyesera kusintha deta yokhudzana ndi masamba ochotsedwa, chosiyana (cholakwika chatsamba) chimachitika ndipo, pogwiritsa ntchito Copy-On-Write makina, kopi yosiyana ya tsamba lokumbukira imapangidwa yokha, yomwe imaperekedwa ku ndondomekoyi. Nthawi yowonjezera imathera pomaliza kukopera, zomwe zingakhale chizindikiro cha kusintha kwa deta kusokoneza ndondomeko ina.
Ofufuza awonetsa kuti kuchedwa komwe kumachitika chifukwa cha makina a COW kumatha kugwidwa osati kwanuko kokha, komanso posanthula kusintha kwa nthawi yoperekera mayankho pamaneti. Njira zingapo zaperekedwa kuti zidziwitse zomwe zili m'makumbukidwe kuchokera kwa munthu wakutali posanthula nthawi yofunsidwa pama protocol a HTTP/1 ndi HTTP/2. Kuti musunge ma tempulo osankhidwa, mapulogalamu okhazikika apa intaneti amagwiritsidwa ntchito omwe amasunga zomwe zalandilidwa pamtima.
Mfundo yachiwopsezo imafikira pakudzaza tsamba lokumbukira pa seva ndi data yomwe imatha kubwereza zomwe zili patsamba lokumbukira lomwe lili kale pa seva. Wowukirayo amadikirira nthawi yofunikira kuti kernel ibwereze ndikuphatikiza tsamba lokumbukira, kenako amasintha zomwe zimayendetsedwa ndikuwunika nthawi yoyankha kuti adziwe ngati kugunda kwapambana.
Pazoyeserera, kuchuluka kwa kutayikira kwa chidziwitso kunali 34.41 byte pa ola polimbana ndi netiweki yapadziko lonse lapansi ndi ma byte 302.16 pa ola polimbana ndi netiweki yakomweko, yomwe imathamanga kwambiri kuposa njira zina zopezera deta kudzera panjira zachipani chachitatu (mwachitsanzo, pakuwukira kwa NetSpecter, kuchuluka kwa data ndi ma 7.5 byte pa ola limodzi).
Njira zitatu zogwirira ntchito zaperekedwa. Njira yoyamba imakupatsani mwayi wodziwa zomwe mukukumbukira pa intaneti yomwe imagwiritsa ntchito Memcached. Kuwukiraku kumafikira pakukweza ma seti ena a data mu yosungirako Memcached, kuchotsa chipika chochotsedwa, kulembanso chinthu chomwecho ndikupanga chikhalidwe choti kukopera kwa COW kuchitike posintha zomwe zili mu block. Panthawi yoyesera ndi Memcached, zinali zotheka kudziwa mu masekondi a 166.51 mtundu wa libc woyikidwa pamakina omwe akuyenda mu makina enieni.
Njira yachiwiri idapangitsa kuti zitheke kudziwa zomwe zili m'marekodi mu MariaDB DBMS, mukamagwiritsa ntchito InnoDB yosungirako, pokonzanso zomwe zili mkati mwa byte. Kuwukiraku kumachitika potumiza zopempha zosinthidwa mwapadera, zomwe zimapangitsa kuti pakhale zolakwika zamtundu umodzi m'masamba okumbukira ndikuwunika nthawi yoyankhira kuti muwone kuti zomwe zili mu byte zinali zolondola. Mlingo wa kutayikira koteroko ndi wochepa ndipo umakhala 1.5 byte pa ola pamene akuukira kuchokera pa intaneti. Ubwino wa njirayi ndikuti ungagwiritsidwe ntchito kubwezeretsa zomwe sizikudziwika kukumbukira.
Njira yachitatu idapangitsa kuti zitheke kudutsa njira yoteteza KASLR mumphindi 4 ndikupeza chidziwitso chokhudza kukumbukira kwa chithunzi cha kernel yamakina, pomwe adilesiyo ili patsamba lokumbukira momwe zina sizisintha. Kuukiraku kunachitika kuchokera kwa gulu lomwe lili ndi ma hop 14 kuchokera ku dongosolo lomwe linawonongedwa. Zitsanzo zamakina ogwiritsira ntchito ziwonetsero zomwe zaperekedwa zikulonjezedwa kuti zidzasindikizidwa pa GitHub.
Source: opennet.ru