Vulnerability in OpenOffice that allows code execution when opening a file

A vulnerability (CVE-2021-33035) has been identified in the Apache OpenOffice office suite that allows code execution when opening a specially crafted file in DBF format. The researcher who discovered the problem warned that a working exploit has been created for the Windows platform. The fix for the vulnerability is available only as a patch in the project repository, which has been included in the test builds of OpenOffice 4.1.11. There are no updates for the stable branch yet.

The problem is caused by OpenOffice relying on the fieldLength and fieldType values in the header of DBF files to allocate memory, without checking that the actual type of the data in the fields matches. To carry out an attack, one can specify the INTEGER type in the fieldType value, but place larger data in the field and specify a fieldLength value that does not correspond to the size of data of type INTEGER, which causes the tail of the field's data to be written beyond the allocated buffer. As a result of this controlled buffer overflow, the researcher was able to overwrite the function's return pointer and, using return-oriented programming (ROP) techniques, achieve execution of his own code.
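A defensive pre-open check for the mismatch described above, as an added example that is not part of the original article or of OpenOffice's code: it parses the DBF field descriptors and flags fixed-size types whose declared length differs from the type's size. The `FIXED_SIZES` table, the function names and the sample headers are assumptions constructed for this example.

```python
import struct

# Fixed on-disk sizes of binary DBF field types (table assumed for this example).
FIXED_SIZES = {"I": 4, "D": 8, "L": 1, "T": 8}

def parse_fields(data):
    """Return ([(name, type, length), ...], record_length) from a DBF header."""
    if len(data) < 32:
        raise ValueError("truncated DBF header")
    header_len, record_len = struct.unpack_from("<HH", data, 8)
    fields, off = [], 32
    # Descriptors are 32 bytes each and end at the 0x0D terminator.
    while off < min(header_len, len(data)) and data[off] != 0x0D:
        desc = data[off:off + 32]
        if len(desc) < 32:
            raise ValueError("truncated field descriptor")
        name = desc[:11].split(b"\x00", 1)[0].decode("ascii", "replace")
        fields.append((name, chr(desc[11]), desc[16]))
        off += 32
    return fields, record_len

def audit(data):
    """List inconsistencies between declared field types and lengths."""
    fields, record_len = parse_fields(data)
    findings = []
    for name, ftype, flen in fields:
        want = FIXED_SIZES.get(ftype)
        if want is not None and flen != want:
            findings.append(f"{name}: type {ftype} declares length {flen}, expected {want}")
    total = 1 + sum(flen for _, _, flen in fields)  # 1 byte deletion flag
    if total != record_len:
        findings.append(f"record length {record_len} != field total {total}")
    return findings

def make_header(fields):
    """Build a constructed, record-less DBF header for the demo below."""
    rec_len = 1 + sum(flen for _, _, flen in fields)
    hdr_len = 32 + 32 * len(fields) + 1
    out = bytearray(struct.pack("<B3sIHH20x", 0x03, b"\x79\x09\x12", 0, hdr_len, rec_len))
    for name, ftype, flen in fields:
        out += struct.pack("<11sc4xBB14x", name.encode(), ftype.encode(), flen, 0)
    return bytes(out) + b"\x0d"

if __name__ == "__main__":
    print(audit(make_header([("ID", "I", 4), ("NAME", "C", 20)])))  # consistent
    print(audit(make_header([("ID", "I", 64)])))                    # mismatch
```

A check like this can run in a mail gateway or file-triage step before a DBF file reaches a desktop application that has not yet received the fix.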

When using the ROP technique, the attacker does not try to place his own code in memory, but instead operates on pieces of machine instructions already present in loaded libraries that end with a return instruction (as a rule, these are the ends of library functions). The work of the exploit comes down to building a chain of calls to such blocks ("gadgets") to obtain the desired functionality. The gadgets used in the OpenOffice exploit were code from the libxml2 library used in OpenOffice, which, unlike OpenOffice itself, was built without the DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) protection mechanisms.

The OpenOffice developers were notified of the issue on May 4, after which public disclosure of the vulnerability was scheduled for August 30. Since the update of the stable branch was not completed by the scheduled date, the researcher postponed disclosure of the details until September 18, but the OpenOffice developers did not manage to produce release 4.1.11 by that date. It is noteworthy that during the same research a similar vulnerability was identified in the DBF format support code in Microsoft Office Access (CVE-2021-38646), details of which will be disclosed later. No problems were found in LibreOffice.

Source: opennet.ru
