Vulnerability in Red Hat's patches to the GRUB2 bootloader that allows bypassing password verification

Details have been disclosed about a vulnerability (CVE-2023-4001) in the patches to the GRUB2 bootloader prepared by Red Hat. On many UEFI systems, the vulnerability allows bypassing the password check set in GRUB2 to restrict access to the boot menu or the bootloader command line. The vulnerability is caused by a change that Red Hat added to the GRUB2 package shipped with RHEL and Fedora Linux. The problem does not appear in the main GRUB2 project and only affects distributions that have applied Red Hat's additional patches.

The problem is caused by a logic error in how the bootloader uses a UUID to find the device holding the configuration file (for example, "/boot/efi/EFI/fedora/grub.cfg") that contains the password hash. To bypass authentication, a user with physical access to the computer can connect an external drive, such as a USB flash drive, and give it a UUID that matches the identifier of the /boot partition of the attacked system.

Many UEFI systems process external drives first and place them in the list of detected devices ahead of fixed ones, so the /boot partition prepared by the attacker gets higher processing priority and GRUB2 will therefore try to load the configuration file from that partition. When a partition is looked up with the "search" command in GRUB2, only the first UUID match is determined, after which the search stops. If the main configuration file is not found on that partition, GRUB2 presents a command prompt that gives full control over the rest of the boot process.

The "lsblk" utility can be used by an unprivileged local user to determine a partition's UUID, but an outside user who has no access to the system yet can observe the boot process can, on some distributions, determine the UUID from the diagnostic messages shown during boot. Red Hat has addressed the vulnerability by adding a new argument to the "search" command that allows the UUID scan operation to be bound only to the block devices used to run the boot manager (i.e. the /boot partition must be on the same drive as the EFI system partition).
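
A defender-side check for the condition described above, as an added example that is not part of the original article or of Red Hat's fix: it parses `lsblk -J -o NAME,UUID,RM,MOUNTPOINT` output and reports any other block device carrying the same UUID as `/boot`, and whether `/boot` and the ESP sit on different disks. The function names and the sample device layout are constructed for illustration, and it assumes `/boot` and `/boot/efi` are separate mounted partitions.

```python
import json

# Constructed sample in the shape of `lsblk -J -o NAME,UUID,RM,MOUNTPOINT`:
# an internal disk plus a USB stick whose partition reuses the /boot UUID.
SAMPLE = json.dumps({"blockdevices": [
    {"name": "sda", "uuid": None, "rm": False, "mountpoint": None, "children": [
        {"name": "sda1", "uuid": "A1B2-C3D4", "rm": False, "mountpoint": "/boot/efi"},
        {"name": "sda2", "uuid": "11111111-2222-3333-4444-555555555555",
         "rm": False, "mountpoint": "/boot"}]},
    {"name": "sdb", "uuid": None, "rm": True, "mountpoint": None, "children": [
        {"name": "sdb1", "uuid": "11111111-2222-3333-4444-555555555555",
         "rm": True, "mountpoint": None}]},
]})

def flatten(nodes, disk=None):
    """Yield (device, top-level disk name) for every node of the lsblk tree."""
    for node in nodes:
        top = disk or node["name"]
        yield node, top
        yield from flatten(node.get("children") or [], top)

def audit_boot_uuid(lsblk_json):
    """Return findings relevant to UUID-based lookup of the /boot partition."""
    devs = list(flatten(json.loads(lsblk_json)["blockdevices"]))
    mounted = {n["mountpoint"]: (n, d) for n, d in devs if n.get("mountpoint")}
    if "/boot" not in mounted or "/boot/efi" not in mounted:
        return ["/boot or /boot/efi is not a separate mounted partition; check by hand"]
    (boot, boot_disk), (_, esp_disk) = mounted["/boot"], mounted["/boot/efi"]
    findings = []
    if boot_disk != esp_disk:
        # The fix described above only scans the disk the boot manager ran from.
        findings.append(f"/boot is on {boot_disk} but the ESP is on {esp_disk}")
    for node, disk in devs:
        same_uuid = boot.get("uuid") and node.get("uuid") == boot["uuid"]
        if same_uuid and node["name"] != boot["name"]:
            # Older lsblk versions emit "0"/"1" for RM, newer ones emit booleans.
            kind = "removable" if node.get("rm") in (True, 1, "1") else "fixed"
            findings.append(f"{node['name']} ({kind}, disk {disk}) duplicates the "
                            f"/boot UUID {boot['uuid']}")
    return findings

if __name__ == "__main__":
    for line in audit_boot_uuid(SAMPLE) or ["no duplicate /boot UUID found"]:
        print(line)
```

On a live system, pass the text printed by the `lsblk` command named above to `audit_boot_uuid` instead of `SAMPLE`.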

Source: opennet.ru
