Vulnerability in the Linux kernel network stack

A vulnerability (CVE-2019-11815) has been identified in the code of the TCP-based RDS protocol handler (Reliable Datagram Socket, net/rds/tcp.c). It can lead to access to an already freed memory area and to a denial of service (the possibility of exploiting the problem to achieve code execution is not ruled out). The problem is caused by a race condition that can occur when the rds_tcp_kill_sock function runs while network sockets are being cleaned up.

The NVD description marks the problem as remotely exploitable over the network, but judging by the description of the fix, an attack cannot be mounted remotely without a local presence on the system and manipulation of namespaces. In particular, in the opinion of the SUSE developers, the vulnerability is exploitable only locally; mounting an attack is quite complex and requires additional privileges on the system. While NVD rates the severity at 9.3 (CVSS v2) and 8.1 (CVSS v2) points, the SUSE rating puts the danger at 6.4 points out of 10.

Ubuntu representatives also rated the severity of the problem as moderate. At the same time, under the CVSS v3.0 specification the problem is assigned a high attack complexity, and its exploitability is rated at 2.2 points out of 10.

Judging by a report from Cisco, the vulnerability is exploited remotely by sending TCP packets to running RDS network services, and a prototype exploit already exists. How well this information matches reality is not yet clear; the report may simply be an artistic framing of NVD's assumptions. According to VulDB, an exploit has not yet been created and the problem is exploitable only locally.

The problem appears in kernels before 5.0.8 and was closed by a March fix that is included in kernel 5.0.8. In most distributions the problem remains unfixed (Debian, RHEL, Ubuntu, SUSE). A fix has been released for SLE12 SP3, openSUSE 42.3 and Fedora.
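
A host can be triaged against the "kernels before 5.0.8" statement by comparing the running release with 5.0.8 and checking whether the rds_tcp module (built from net/rds/tcp.c) is loaded. The script below is an added example, not code from the article or the kernel project; its function names and verdict words are hypothetical. Because distributions backport fixes without changing the upstream base version, a "review" verdict means "check the vendor advisory", not "vulnerable".

```shell
#!/bin/sh
# Added example: triage a host for the RDS-over-TCP issue (CVE-2019-11815).
# Assumption: the release string begins with an upstream-style x.y[.z] version.
FIXED="5.0.8"   # first upstream kernel containing the fix, per the article

# Print "major minor patch" for a release string such as 4.15.0-47-generic.
split_version() {
    v=${1%%[!0-9.]*}            # keep only the leading digits-and-dots part
    old_ifs=$IFS; IFS=.
    set -- $v                   # split on dots into positional parameters
    IFS=$old_ifs
    echo "${1:-0} ${2:-0} ${3:-0}"
}

# Succeed when version $1 is strictly older than version $2.
version_lt() {
    set -- $(split_version "$1") $(split_version "$2")
    [ "$1" -lt "$4" ] && return 0
    [ "$1" -gt "$4" ] && return 1
    [ "$2" -lt "$5" ] && return 0
    [ "$2" -gt "$5" ] && return 1
    [ "$3" -lt "$6" ]
}

# Succeed when the module list ($1, /proc/modules format) contains rds_tcp.
rds_tcp_loaded() {
    [ -r "$1" ] && grep -q '^rds_tcp ' "$1"
}

# Print one verdict word for kernel release $1 and module list file $2.
triage() {
    if ! version_lt "$1" "$FIXED"; then
        echo "upstream-fixed"
    elif rds_tcp_loaded "$2"; then
        echo "review-loaded"        # pre-5.0.8 base and RDS/TCP in use
    else
        echo "review-not-loaded"    # pre-5.0.8 base, module not loaded
    fi
}

echo "$(uname -r): $(triage "$(uname -r)" /proc/modules)"
```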

Source: opennet.ru
