Vulnerability in FreeBSD ftpd that allows root access when ftpchroot is used

A critical vulnerability (CVE-2020-7468) has been identified in the ftpd server shipped with FreeBSD. It allows users who are restricted to their home directory with the ftpchroot option to gain full root access to the system.

The problem is caused by the combination of two things: an error in the implementation of user isolation through the chroot call (if changing the uid or performing chroot and chdir failed, a non-fatal error was issued that did not terminate the session), and granting an authenticated FTP user rights sufficient to bypass the root path restriction in the file system. The vulnerability does not occur when the FTP server is accessed anonymously or when a user logs in without ftpchroot. The issue is fixed in updates 12.1-RELEASE-p10, 11.4-RELEASE-p4 and 11.3-RELEASE-p14.
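The error-handling pattern described above, next to a fail-closed form, as an added example (this is not FreeBSD's ftpd code). The function names, log messages and the jail path are hypothetical and constructed for illustration; the path does not exist, so the chroot call fails for any user.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum outcome { SESSION_JAILED, SESSION_UNJAILED, SESSION_CLOSED };

/* Enter the jail: chroot(2) into dir, then chdir(2) to its root.
   Returns 0 on success, -1 with errno set if either step fails. */
static int enter_jail(const char *dir)
{
    if (chroot(dir) < 0)
        return -1;
    return chdir("/");
}

/* Fail-open pattern: the error is reported but is not fatal, so the
   session continues without the jail in place. */
enum outcome login_fail_open(const char *dir)
{
    if (enter_jail(dir) < 0) {
        fprintf(stderr, "warning: can't change root: %s\n", strerror(errno));
        return SESSION_UNJAILED;
    }
    return SESSION_JAILED;
}

/* Fail-closed form: any error while entering the jail ends the session.
   A real daemon would send a final reply and exit at this point. */
enum outcome login_fail_closed(const char *dir)
{
    if (enter_jail(dir) < 0) {
        fprintf(stderr, "fatal: can't change root: %s\n", strerror(errno));
        return SESSION_CLOSED;
    }
    return SESSION_JAILED;
}

int main(void)
{
    /* Constructed path that does not exist, so chroot(2) always fails. */
    const char *dir = "/nonexistent/example-ftp-jail";
    printf("fail-open:   %d\n", login_fail_open(dir));
    printf("fail-closed: %d\n", login_fail_closed(dir));
    return 0;
}
```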

In addition, three more vulnerabilities were fixed in 12.1-RELEASE-p10, 11.4-RELEASE-p4 and 11.3-RELEASE-p14:

  • CVE-2020-7467 - A vulnerability in the Bhyve hypervisor that allows a guest to write data to the memory of the host environment and gain full access to the host. The problem is caused by missing restrictions on access to processor instructions that work with physical host addresses, and it appears only on systems with AMD CPUs.
  • CVE-2020-24718 - A vulnerability in the Bhyve hypervisor that allows an attacker with root rights inside an environment isolated with Bhyve to execute code at the kernel level. The problem is caused by the lack of proper access restrictions on the VMCS (Virtual Machine Control Structure) on systems with Intel CPUs and the VMCB (Virtual Machine Control Block) on systems with AMD CPUs.
  • CVE-2020-7464 - A vulnerability in the ure driver (USB Ethernet Realtek RTL8152 and RTL8153) that allows spoofing packets from other hosts or injecting packets into other VLANs by sending large frames (more than 2048).

Source: opennet.ru
