Vulnerability in the Linux kernel VFS that allows privilege escalation.

A vulnerability (CVE-2022-0185) has been identified in the Filesystem Context API provided by the Linux kernel, which allows a local user to gain root privileges on the system. The researcher who found the issue has published a demonstration exploit that allows code to be executed as root on Ubuntu 20.04 in the default configuration. The exploit code is planned to be posted on GitHub within a week after distributions ship an update that fixes the vulnerability.

The vulnerability is located in the legacy_parse_param() function in the VFS and is caused by a failure to properly check the maximum size of parameters passed to file systems that do not support the Filesystem Context API. Passing an overly large parameter can overflow the integer variable used to calculate the size of the data being written: the code contains a buffer overflow check, "if (len > PAGE_SIZE - 2 - size)", which stops working once the value of size exceeds 4094, because the integer wraps through its lower bound (integer underflow; when 4096 - 2 - 4095 is cast to an unsigned int, the result is 2147483648).
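To make the underflow concrete, here is an added example that is not the kernel's own code: it models the length check from legacy_parse_param() with the same unsigned types the kernel uses (size_t for both lengths, PAGE_SIZE assumed to be 4096) and puts it beside a check written as an addition, which cannot wrap in the same way. The function names, the 4095-byte scenario and the extra wraparound guard are this example's own choices.

```c
/* Added example (not the kernel's code): models the length check in
 * legacy_parse_param() to show why "len > PAGE_SIZE - 2 - size" underflows
 * once size exceeds PAGE_SIZE - 2, and contrasts it with a form that
 * cannot wrap. Types follow the kernel's (size_t); PAGE_SIZE assumed 4096. */
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define PAGE_SIZE 4096UL

/* Vulnerable form: the subtraction is evaluated in size_t, so as soon as
 * size > PAGE_SIZE - 2 the right-hand side wraps to a huge value and no
 * parameter length is ever rejected. */
bool vulnerable_len_check_rejects(size_t size, size_t len)
{
    return len > PAGE_SIZE - 2 - size;   /* true = parameter rejected */
}

/* Hardened form: compare by addition instead of subtraction, and first
 * rule out the addition itself wrapping around (assumed extra guard). */
bool hardened_len_check_rejects(size_t size, size_t len)
{
    if (len > PAGE_SIZE || size > PAGE_SIZE)
        return true;
    return size + len + 2 > PAGE_SIZE;
}

/* The limit the vulnerable check actually compares against, for inspection. */
size_t vulnerable_limit(size_t size)
{
    return PAGE_SIZE - 2 - size;
}

int main(void)
{
    /* Constructed scenario: the accumulated option data is already 4095
     * bytes (one past the 4094 the text names) and a 1-byte option arrives. */
    size_t size = 4095, len = 1;

    printf("limit used by vulnerable check: %zu (wrapped)\n", vulnerable_limit(size));
    printf("vulnerable check rejects: %s\n",
           vulnerable_len_check_rejects(size, len) ? "yes" : "no");
    printf("hardened check rejects:   %s\n",
           hardened_len_check_rejects(size, len) ? "yes" : "no");
    return 0;
}
```

Run as-is the program shows the wrapped limit and that only the hardened check rejects the over-length parameter; for sizes at or below 4094 both checks agree, which is why the defect only shows up once enough option data has been accumulated.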

The bug allows, when a specially crafted file system image is mounted, a buffer overflow that overwrites kernel data following the allocated memory area. Exploiting the vulnerability requires the CAP_SYS_ADMIN capability, i.e. administrator privileges. The problem is that an unprivileged user can obtain such privileges in an isolated container or on a system with user namespace support enabled. For example, user namespaces are enabled by default on Ubuntu and Fedora, but are not enabled on Debian and RHEL (unless container isolation platforms are used).

The issue has been present since Linux kernel 5.1 and was fixed yesterday in updates 5.16.2, 5.15.16, 5.10.93 and 5.4.173. Packages fixing the vulnerability have already been released for RHEL, Debian, Fedora and Ubuntu. The fix is not yet available on Arch Linux, Gentoo, SUSE and openSUSE. As a security workaround for systems that do not use container isolation, you can set the sysctl "user.max_user_namespaces" to 0:

echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf
# sysctl -p /etc/sysctl.d/userns.conf

Source: opennet.ru
