Ofufuza a Google Project Zero adasindikiza njira yopezera chiopsezo (CVE-2020-29661) pakukhazikitsa TIOCSPGRP ioctl handler kuchokera ku tty subsystem ya Linux kernel, ndikuwunikanso mwatsatanetsatane njira zodzitetezera zomwe zingatseke zofooka.
Vuto lomwe limayambitsa vutoli lidakhazikitsidwa mu Linux kernel pa Disembala 3 chaka chatha. Vutoli likuwoneka mu maso mpaka mtundu wa 5.9.13, koma zogawa zambiri zakonza vutoli posintha ma phukusi a kernel omwe adaperekedwa chaka chatha (Debian, RHEL, SUSE, Ubuntu, Fedora, Arch). Chiwopsezo chofananira (CVE-2020-29660) chinapezeka nthawi yomweyo pakukhazikitsa kuyimba kwa TIOCGSID ioctl, koma idakhazikitsidwa kale kulikonse.
Vutoli limadza chifukwa cha vuto pokhazikitsa maloko, zomwe zimapangitsa kuti pakhale mpikisano mu drivers/tty/tty_jobctrl.c code, yomwe idagwiritsidwa ntchito popanga mikhalidwe yaulere yomwe imagwiritsidwa ntchito kuchokera pamalo a ogwiritsa ntchito kudzera mukusintha kwa ioct. kuyimbira TIOCSPGRP. Kugwiritsa ntchito bwino kwawonetsedwa pakukweza mwayi pa Debian 10 ndi kernel 4.19.0-13-amd64.
Panthawi imodzimodziyo, nkhani yofalitsidwayo siiyang'ana kwambiri pa njira yopangira ntchito, koma ndi zida ziti zomwe zili mu kernel kuti ziteteze ku zofooka zotere. Kutsiliza sikutonthoza; njira monga kugawa kukumbukira mu mulu ndi kuwongolera kukumbukira kukumbukira pambuyo pomasulidwa sizigwiritsidwa ntchito, chifukwa zimabweretsa kuchepa kwa magwiridwe antchito, ndi chitetezo chochokera ku CFI (Control Flow Integrity) midadada ikadzabwera pambuyo pake, ikufunika kuwongolera.
Poganizira zomwe zingapangitse kusiyana kwa nthawi yayitali, chomwe chimadziwika ndi kugwiritsa ntchito makina owunikira osasunthika kapena kugwiritsa ntchito zilankhulo zotetezedwa pamtima monga Rust ndi C dialects zokhala ndi matanthauzidwe olemera (monga Checked C) kuti muwone. fotokozani panthawi yomanga maloko, zinthu ndi zolozera. Njira zodzitchinjiriza zimaphatikizaponso kuyambitsa njira ya panic_on_oops, kusintha ma kernel kuti akhale owerengera okha, komanso kuletsa kuyimba mafoni pogwiritsa ntchito njira monga seccomp.
Source: opennet.ru