Chiwopsezo (CVE-5.1-2022) chadziwika pakukhazikitsa mawonekedwe a io_uring asynchronous input/output, ophatikizidwa mu Linux kernel kuyambira kutulutsidwa kwa 2602, komwe kumalola wogwiritsa ntchito wopanda mwayi kupeza ufulu wa mizu mudongosolo. Vutoli latsimikiziridwa munthambi 5.4 ndi maso kuyambira nthambi 5.15.
Chiwopsezocho chimayamba chifukwa chogwiritsa ntchito-pambuyo-chaulere chipika mu io_uring subsystem, yomwe imachitika chifukwa cha mpikisano mukamakonza pempho la io_uring pafayilo yomwe mukufuna panthawi yotolera zinyalala pazitsulo za Unix, ngati wosonkhanitsa zinyalala amamasula onse olembetsedwa. zofotokozera mafayilo ndi chofotokozera cha fayilo chomwe io_uring imagwira ntchito. Kuti mupange zinthu mwanzeru kuti chiwopsezocho chidziwonetsere, mutha kuchedwetsa pempholo pogwiritsa ntchito userfaultfd mpaka wotolera zinyalala atatulutsa kukumbukira.
Ofufuza omwe adazindikira vutoli adalengeza za kupanga ntchito yogwirira ntchito, yomwe akufuna kufalitsa pa Okutobala 25 kuti apatse ogwiritsa ntchito nthawi yoyika zosintha. Kukonzekera kukupezeka ngati chigamba. Zosintha zamagawidwe sizinatulutsidwebe, koma mutha kutsata kupezeka kwawo patsamba lotsatirali: Debian, Ubuntu, Gentoo, RHEL, Fedora, SUSE/openSUSE, Arch.
Source: opennet.ru