Andrey Konovalov wochokera ku Google Zowopsa za 15 mu madalaivala a USB operekedwa mu Linux kernel. Uwu ndi gulu lachiwiri lamavuto omwe amapezeka pakuyesa kwachangu - mu 2017, wofufuza uyu Pali zovuta zina 14 mu stack ya USB. Mavuto amatha kugwiritsidwa ntchito ngati zida za USB zokonzedwa mwapadera zalumikizidwa ndi kompyuta. Kuwukira kumatheka ngati pali mwayi wogwiritsa ntchito zidazo ndipo zingayambitse kuwonongeka kwa kernel, koma ziwonetsero zina sizingathetsedwe (mwachitsanzo, pakuwukira komweku komwe kunapezeka mu 2016). mu USB driver snd-usbmidi zinatheka kupanga code pamlingo wa kernel).
Pazinthu 15, 13 zakhazikitsidwa kale pazosintha zaposachedwa za Linux kernel, koma zofooka ziwiri (CVE-2019-15290, CVE-2019-15291) zimakhalabe zosakhazikika pakutulutsidwa kwaposachedwa kwa 5.2.9. Zowonongeka zosasinthika zimatha kupangitsa kuti NULL pointer dereferences mu ath6kl ndi madalaivala a b2c2 alandire deta yolakwika kuchokera ku chipangizocho. Zowopsa zina ndi izi:
- Kufikira kumalo okumbukira omasulidwa kale (kugwiritsa ntchito-pambuyo paulere) mu madalaivala v4l2-dev/radio-raremono, dvb-usb, sound/core, cpia2 ndi p54usb;
- Kukumbukira kopanda kawiri mu driver wa rio500;
- NULL pointer dereferences mu yurex, zr364xx, siano/smsusb, sisusbvga, line6/pcm, motu_microbookii ndi madalaivala a line6.
Source: opennet.ru