Humbowo hwepfungwa yekusagadzikana kwaburitswa. DirtyDecrypt, inozivikanwawo se DirtyCBC, zvichibvumira mushandisi wemunharaunda asina ropafadzo kuwana root privileges pane mamwe masisitimu LinuxDambudziko riri mukodhi. rxgk masisitimu ari pasi RxRPC uye ine chekuita nekunyora kwepage cache nekuda kwekushaikwa kwekutarisa kwe copy-on-write mu rxgk_decrypt_skb() function. PoC yakaburitswa musi wa18 Chivabvu, 2026, neBleepingComputer; PoC pachayo yakaiswa mu Nzvimbo dzekuchengetedza timu yeV12.
RxRPC inzira yekubatanidza kernel network. Linux pamusoro peUDP, zvichipa kutakurwa kwakavimbika kwemabasa ari kure. Magwaro ekernel anotaura zvakananga kuti AFS — Andrew File System muenzaniso weapplication inoshandisa RxRPC, uye protocol yacho pachayo inotsigira nhaurirano dzekuchengetedza kubatana. Apa ndipo panoshanda RxGK, inoshandiswa pakuchengetedza RxRPC/AFS.
Zvinoenderana netsananguro yeV12, DirtyDecrypt imwe mhando yekirasi yehurema CopyFail / Chidimbu Chakasviba / FragnesiaZvese zvinotenderera papfungwa yakafanana: kushandiswa zvisina kunaka kwe kernel memory, page cache, uye buffers zvinogona kubvumira maitiro emunharaunda asina rusununguko kukanganisa data risingafanirwe kunyorwa. Panyaya yeDirtyDecrypt, iyi i "rxgk pagecache write" nekuda kwekusachengetedzwa kweCOW mu rxgk_decrypt_skb().
Chikwata cheV12 chinoti chakaona uye chakashuma nyaya yacho. 9 May 2026 makore, asi vanochengetedza kernel vakapindura kuti yaive kopi yekanganiso kakatogadziriswa. Vaongorori vakabva vaburitsa humbowo hwepfungwa, vachiti kugadzirisa kwacho kwaitova mu kernel huru.
Mamiriro ezvinhu nemaCVE haaratidzike seari nyore zvachose. BleepingComputer inotaura kuti hapana CVE yepamutemo yakasiyana yezita reDirtyDecrypt panguva yekuburitswa kwayo, asi muongorori Will Dormann anobatanidza ruzivo rwakaburitswa neV12 ne CVE-2026-31635, yakagadziriswa pakupera kwaKubvumbi. NVD inotsanangura CVE-2026-31635 sechikanganiso mu rxrpc: basa re rxgk_verify_response() rakatarisa hurefu hwe RESPONSE authenticator zvisizvo, izvo zvinogona kukonzera kuti authenticator yakareba zvakanyanya ipfuudzirwe ku rxgk_decrypt_skb() uye zvichiita kuti kodhi isashande BUG_ON(len).
Kureva kuti, zvinyorwa zvinowanikwa pachena zvinobatanidza DirtyDecrypt ne CVE-2026-31635, asi tsananguro yeCVE yepamutemo muNVD parizvino inoita kunge yakamanikana uye inonyanya kureva kukanganisa kwekutarisa urefu mu rxrpc, kwete zvakananga kune zita rekuti DirtyDecrypt/DirtyCBC sechinyorwa chakasiyana. Saka, zvakanaka kunyora: DirtyDecrypt inogona kunge ichiwirirana kana kuti ine hukama hwepedyo neCVE-2026-31635, pane kutaura kuti ndiro zita repamutemo reCVE.
Kernel ine sarudzo iyi yakagoneswa inodiwa kuti ishande. CONFIG_RXGK, iyo inosanganisira rutsigiro rweRxGK kune AFS client uye network transport. Izvi zvinoderedza zvakanyanya huwandu hwemasystem akakanganiswa: kunyanya, zvine chekuita nekugoverwa kunokurumidza kutevera kernel iri kumusoro, kusanganisira Fedora, Arch Linux и vhuraSUSE TumbleweedBleepingComputer inosimbisa kuti V12 PoC yakaburitswa yakaedzwa chete paFedora nekernel huru.
DirtyDecrypt yakabuda mushure mekugadzirwa kwezvinhu zvakafanana. Linux Kusasimba kweLPE. Zvakambotaurwa kare Kukundikana kweKopi mu algif_aead, Chidimbu Chakasviba muzvikamu zve network, uyezve Fragnesia muXFRM ESP-in-TCP Microsoft yakatsanangurwa Dirty Frag sekuwedzera kwekodzero dzemunharaunda kuburikidza nezvikamu zve esp4, esp6, uye rxrpc, zvichibvumira murwisi kuwana mukana wemunharaunda uye kuwana nzvimbo muhurongwa.
Njodzi chaiyo yekukanganisa kwakadaro ndeyekuti kunowanzo shandiswa mushure mekutyorwa kwekutanga: semuenzaniso, mushure mekukanganisa account yeSSH, web shell, container iri panjodzi, kana mushandisi webasa asina rombo rakanaka. Awana mukana wekupinda mumidzi, murwisi anogona kudzima zvidzoro zvekuchengetedza, kuverenga zvakavanzika, kugadzirisa marogi, kuisa nguva dzose, uye kufamba-famba kuburikidza nezvivakwa.
Vashandisi vema "rolling-release distributions" anogona kunge akakanganiswa vanokurudzirwa kuisa ma "kernel updates" matsva. Kune masisitimu asingakwanise kugadziriswa nekukurumidza, zvinyorwa zvinotaura nezvemhinduro dzenguva pfupi dzakadai sekudzima ma "rxrpc modules" asina kushandiswa nezvimwe zvinhu zvine chekuita nazvo. Zvisinei, nzira dzakadaro dzekugadzirisa matambudziko dzinogona kukanganisa AFS nedzimwe nzira dzeIPsec/VPN, saka dzinofanira kushandiswa chete mushure mekusimbisa kukanganisa kwacho pane imwe system.
Kune akawanda ma desktop ne server installations, njodzi yacho ingangove yakaderera pane Copy Fail: DirtyDecrypt inoda kernel configuration chaiyo uye local code execution. Zvisinei, kuFedora, Arch Linux, openSUSE Tumbleweed, nedzimwe nzira dzine kernel updates dzinokurumidza, nyaya iyi inofanirwa kutariswa: haisisiri mushumo wedzidziso, asi kushaya simba neuchapupu hwakabudiswa hwepfungwa uye nzira yakajeka yekuwedzera kodzero.
Source: linux.org.ru
