MuFreeBSD, kusazvibata (CVE-2022-23093) kwakaonekwa mune iyo ping utility inosanganisirwa mukugovera kwekutanga. Iyo nyaya inogona kutungamira kune kure kure kodhi kuuraya nemidzi ropafadzo kana pinging yekunze inodzorwa neanorwisa. Kugadziriswa kwakapihwa muFreeBSD zvigadziriso 13.1-RELEASE-p5, 12.4-RC2-p2 uye 12.3-RELEASE-p10. Izvo hazvisati zvanyatsojeka kana mamwe masisitimu eBSD ari kukanganiswa nekusagadzikana kwakaonekwa (hapana mishumo yekusagadzikana muNetBSD, DragonFlyBSD uye OpenBSD parizvino).
Kusagadzikana uku kunokonzerwa nekufashukira kwebuffer mukodhi yekuparadzanisa yeICMP meseji yakagamuchirwa mukupindura chikumbiro chekusimbisa. Iyo kodhi yekutumira uye kugamuchira mameseji eICMP muping inoshandisa zvigadziko zvakasvibirira uye inoitwa neropafadzo dzakakwirira (chishandiso chinouya neiyo setuid midzi mureza). Mhinduro yacho inogadziriswa padivi reping kuburikidza nekuvakwazve kweIP uye ICMP misoro yemapaketi akagamuchirwa kubva kune yakaomeswa socket. Iyo yakasarudzwa IP uye ICMP misoro inoteedzerwa mumabuffers ne pr_pack (), pasina kufunga kuti mimwe misoro yakawedzerwa inogona kunge iripo mupaketi mushure meiyo IP musoro.
Misoro yakadaro inotorwa kubva pakiti uye inosanganisirwa mumusoro block, asi haina kuverengerwa kana uchiverenga buffer size. Kana muenzi, achipindura chikumbiro cheICMP chakatumirwa, akadzosera pakiti ine mamwe misoro, zvirimo zvichanyorwa kune imwe nzvimbo iri kunze kwemuganho webuffer pane stack. Nekuda kweizvozvo, munhu anorwisa anogona kunyora anosvika makumi mana mabhayiti edata pane stack, zvichigonesa kubvumira kodhi yavo kuti iite. Kuoma kwedambudziko kunodzikiswa nenyaya yekuti panguva iyo kukanganisa kunoitika, maitiro acho ari mumamiriro ehurongwa hwekufona isolation (capability mode), izvo zvinoita kuti zviome kuwana mukana kune iyo yese system mushure mekushandisa kusazvibata. .
Source: opennet.ru