ProHoster > Blog > nkhani zapaintaneti > Chiwopsezo pazigamba za Red Hat kupita ku bootloader ya GRUB2 yomwe imakupatsani mwayi wodutsa kutsimikizira mawu achinsinsi.

Chiwopsezo pazigamba za Red Hat kupita ku bootloader ya GRUB2 yomwe imakupatsani mwayi wodutsa kutsimikizira mawu achinsinsi.

Kufooka (CVE-2023-4001) kwawululidwa m'magawo a GRUB2 bootloader yokonzedwa ndi Red Hat. Pamakina ambiri a UEFI, kufooka kumeneku kumalola kunyalanyaza cheke cha mawu achinsinsi chomwe chili mu GRUB2 kuti muchepetse mwayi wopeza menyu yoyambira kapena mzere wa lamulo la bootloader. Kufooka kumeneku kumachitika chifukwa cha kusintha komwe Red Hat adawonjezera ku phukusi la GRUB2 lomwe lili mu RHEL ndi Fedora. Linux. Проблема не проявляется в основном проекте GRUB2 и затрагивает только дистрибутивы, применившие дополнительные патчи Red Hat.

Vutoli limayamba chifukwa cha zolakwika m'malingaliro a momwe UUID imagwiritsidwira ntchito ndi bootloader kuti apeze chipangizo chokhala ndi fayilo yokonzekera (mwachitsanzo, "/boot/efi/EFI/fedora/grub.cfg") yomwe ili ndi mawu achinsinsi. hashi. Kuti adutse kutsimikizika, wogwiritsa ntchito pakompyuta amatha kulumikiza choyendetsa chakunja, monga USB Flash, ndikuyiyika ku UUID yomwe imagwirizana ndi chizindikiritso cha gawo la boot / boot ya dongosolo lomwe lawukira.

Machitidwe ambiri a UEFI amayendetsa ma drive akunja kaye ndikuwayika pamndandanda wa zida zomwe zadziwika musanayime, kotero gawo la / boot lokonzedwa ndi wowukirayo likhala ndi tsogolo lokonzekera, ndipo motero, GRUB2 iyesa kukweza fayilo yosinthira kuchokera kugawoli. Mukasaka magawo pogwiritsa ntchito lamulo la "saka" mu GRUB2, machesi oyamba a UUID okha amatsimikiziridwa, pambuyo pake kusakako kuyima. Ngati fayilo yayikulu yosinthira sipezeka mugawo linalake, GRUB2 ipereka lamulo lolamula lomwe limakupatsani mwayi wokhala ndi mphamvu zonse pakuyambiranso.

Chida cha "lsblk" chingagwiritsidwe ntchito kudziwa UUID ya magawo ndi wogwiritsa ntchito wopanda mwayi wamba, koma wogwiritsa ntchito kunja yemwe alibe mwayi wogwiritsa ntchito makinawo koma amatha kuwona njira yoyambira, pa magawo ena, kudziwa UUID kuchokera pakuzindikira. mauthenga omwe akuwonetsedwa panthawi ya boot. Chiwopsezochi chayankhidwa ndi Red Hat powonjezera mkangano watsopano ku lamulo la "search" lomwe limalola kuti ntchito ya scan ya UUID ikhale yomangidwa kuti itseke zida zomwe zimagwiritsidwa ntchito poyendetsa boot manager (ie / boot partition iyenera kukhala yofanana. kuyendetsa monga gawo la EFI system).

Source: opennet.ru

Gulani kuchititsa kodalirika kwamasamba okhala ndi chitetezo cha DDoS, ma seva a VPS VDS Gulani malo odalirika osungira mawebusayiti okhala ndi chitetezo cha DDoS, ma seva a VPS VDS | ProHoster