Vulnerabilities in the eBPF subsystem that allow code execution at the Linux kernel level

Two new vulnerabilities have been identified in the eBPF subsystem, which allows handlers to run inside the Linux kernel in a special virtual machine with JIT. Both vulnerabilities allow code to be executed with kernel privileges, outside the isolated eBPF virtual machine. Information about the issues was published by the Zero Day Initiative team, which runs the Pwn2Own competition, where three attacks on Ubuntu Linux using previously unknown vulnerabilities were demonstrated this year (whether the eBPF vulnerabilities are related to these attacks is not stated).

  • CVE-2021-3490 - The vulnerability is caused by a missing 32-bit out-of-bounds check when performing the bitwise AND, OR, and XOR operations in eBPF ALU32. An attacker can take advantage of this error to read and write data outside the bounds of the allocated buffer. The problem with the XOR operation appears starting from kernel version 5.7-rc1, and with AND and OR starting from 5.10-rc1.
  • CVE-2021-3489 - The vulnerability is caused by an error in the ring buffer implementation: the bpf_ringbuf_reserve function did not check for the possibility that the size of the allocated memory region could be smaller than the size of the ringbuf. The problem appears starting from the 5.8-rc1 release.

The status of the fixes in distributions can be tracked on these pages (Ubuntu, Debian, RHEL, Fedora, SUSE, Arch). Fixes are also available as patches (CVE-2021-3489, CVE-2021-3490). Exploitation depends on whether the user has access to the eBPF system call. For example, in the default configuration in RHEL, exploiting the vulnerability requires the user to have the CAP_SYS_ADMIN privilege.

Another vulnerability in the Linux kernel should be noted separately: CVE-2021-32606, which allows a local user to elevate their privileges to root. The problem appears starting with Linux kernel 5.11 and is caused by a race condition in the implementation of the CAN ISOTP protocol, which allows the socket binding parameters to be changed because the proper locks are not taken in the isotp_setsockopt() function when processing the CAN_ISOTP_SF_BROADCAST flag.

After an ISOTP socket is closed, the binding to the receiving socket remains in effect, and it can continue to use the structures associated with the socket after the memory associated with them has been freed (a use-after-free caused by accessing an isotp_sock structure that has already been freed when isotp_rcv() is called). Through data manipulation, you can override the pointer to the sk_error_report() function and execute your code at the kernel level.
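A triage check for the three issues described above, added here as an example and not taken from the original article: it lists which CVEs a kernel release is new enough to contain, using the first-affected versions stated above, and reports whether unprivileged bpf() is allowed. The function names are illustrative, and the `kernel.unprivileged_bpf_disabled` sysctl is a real kernel setting that the article does not mention. The article gives no fixed versions and distributions backport patches, so a listed CVE only means the distribution tracker should be consulted.

```shell
#!/bin/sh
# Added triage example; not code from the article or from any project.
# First-affected versions come from the article. Fixed versions are not given
# there, so a listed CVE means "check the distribution tracker", not "vulnerable".

# kver_ge RELEASE MAJOR.MINOR: true if RELEASE (e.g. 5.11.0-16-generic) >= MAJOR.MINOR
kver_ge() {
    a_major=${1%%.*}; a_rest=${1#*.}; a_minor=${a_rest%%[!0-9]*}
    b_major=${2%%.*}; b_minor=${2#*.}
    [ "$a_major" -gt "$b_major" ] ||
        { [ "$a_major" -eq "$b_major" ] && [ "${a_minor:-0}" -ge "$b_minor" ]; }
}

# candidate_cves RELEASE: print the CVEs whose first-affected version <= RELEASE
candidate_cves() {
    out=""
    kver_ge "$1" 5.7  && out="$out CVE-2021-3490"   # ALU32 XOR since 5.7-rc1 (AND/OR since 5.10-rc1)
    kver_ge "$1" 5.8  && out="$out CVE-2021-3489"   # bpf_ringbuf_reserve since 5.8-rc1
    kver_ge "$1" 5.11 && out="$out CVE-2021-32606"  # CAN ISOTP race since 5.11
    echo "${out# }"
}

# bpf_exposure FILE: interpret the kernel.unprivileged_bpf_disabled value in FILE
# (0 = unprivileged users may call bpf(); 1 or 2 = they may not)
bpf_exposure() {
    [ -r "$1" ] || { echo "unknown"; return 0; }
    case "$(cat "$1")" in
        0)   echo "unprivileged bpf() allowed" ;;
        1|2) echo "unprivileged bpf() disabled" ;;
        *)   echo "unknown" ;;
    esac
}

# Report for the running kernel, or for a release string passed as $1.
release=${1:-$(uname -r)}
echo "kernel $release"
echo "  new enough to contain: $(candidate_cves "$release")"
echo "  bpf access: $(bpf_exposure /proc/sys/kernel/unprivileged_bpf_disabled)"
```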

Source: opennet.ru
