A vulnerability (CVE-2024-0582) has been identified in io_uring, the asynchronous I/O interface provided by the Linux kernel, that allows an unprivileged user to gain root privileges on the system. Exploiting the vulnerability requires only ordinary local access to the system, with no need to manipulate namespaces. A working exploit is currently publicly available, and a second exploitation method is also described in detail.
The vulnerability is caused by access to an already freed memory block (use-after-free) in the io_uring subsystem, which occurs when registering and then releasing a ring buffer created with the IORING_REGISTER_PBUF_RING flag. If an mmap() operation has been applied to the buffer, it remains mapped in user space after the unregistration (IORING_UNREGISTER_PBUF_RING) has been performed. Using this behaviour, an attacker can read and write data in memory pages that have been returned to the kernel memory allocation system.
The problem has been present since the release of the Linux 6.4 kernel and was fixed in the 6.7 and 6.6.5 releases, as well as in the 6.5.0-21 kernel package built for Ubuntu 22.04 and 23.10. It is worth noting that the problem was fixed in the mainline kernel in December 2023, Google Project Zero made its bug report about the vulnerability public on January 8, and the package with the fixed 6.5 kernel for Ubuntu was built only on February 22, 2024. For other distributions, the fix and the exposure to the vulnerability can be tracked on the following pages: Debian, Gentoo, RHEL, SUSE, Fedora, Arch.
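The version boundaries given above can be turned into a quick triage check for a fleet of `uname -r` strings. This is an added example, not part of the original article; the `classify` function, its return labels and the sample release strings are constructed for illustration, and it assumes the caller supplies the `ID` value from /etc/os-release for Ubuntu hosts.

```python
import platform
import re

# Version boundaries as stated in the article above.
FIRST_AFFECTED = (6, 4, 0)      # bug present since Linux 6.4
FIXED_UPSTREAM = (6, 6, 5)      # fixed in 6.6.5 and in 6.7
UBUNTU_65_FIXED_ABI = 21        # Ubuntu package 6.5.0-21 carries the fix

RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-(\d+))?")


def classify(release, distro_id=""):
    """Return 'not-affected', 'fixed', 'affected-range' or 'unknown'.

    release   -- kernel release string as printed by `uname -r`
    distro_id -- ID field of /etc/os-release (assumed to be passed by the caller)
    """
    m = RELEASE_RE.match(release)
    if not m:
        return "unknown"
    version = (int(m[1]), int(m[2]), int(m[3] or 0))
    if version < FIRST_AFFECTED:
        return "not-affected"
    if version >= FIXED_UPSTREAM:
        # The article does not say which 6.7 release candidate got the fix.
        return "unknown" if version[:2] == (6, 7) and "-rc" in release else "fixed"
    # Ubuntu keeps the upstream version at 6.5.0 and bumps the package ABI.
    if distro_id == "ubuntu" and version == (6, 5, 0) and m[4]:
        return "fixed" if int(m[4]) >= UBUNTU_65_FIXED_ABI else "affected-range"
    # Other distributions may backport the fix without changing the version:
    # treat as in range until the vendor advisory says otherwise.
    return "affected-range"


if __name__ == "__main__":
    # Constructed sample strings, not taken from real hosts.
    samples = [("6.3.13", ""), ("6.5.0-17-generic", "ubuntu"),
               ("6.5.0-21-generic", "ubuntu"), ("6.6.4", ""), ("6.6.5", ""),
               ("6.7.0-rc1", "")]
    for rel, distro in samples:
        print(f"{rel:20} {classify(rel, distro)}")
    print(f"{platform.release():20} {classify(platform.release())}  (this host)")
```

A result of `affected-range` on a non-Ubuntu distribution kernel means the vendor's advisory page still has to be consulted, since the version string alone does not reveal backported fixes.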
The first exploit relies on creating a large number of attacker-controlled memory pages in order to shape the kernel's memory layout and obtain adjacent pages of physical memory, using the contents of specially filled network socket structures as markers. To execute code, the exploit uses a "gadget" (a sequence of instructions already present in the kernel) that leads to a call to the call_usermodehelper_exec function, which is intended for launching user-space processes from the kernel.
The second exploit is based on the fact that when all slabs in a cache are exhausted (for example, when a file is opened many times), the free memory pages that the attacker can still access are used by the memory allocation system to create a new slab block, and all new file structures begin to be placed in this block. As a result, some file structures end up in memory pages that the attacker can read and write. Exploitation in this case comes down to arranging for the desired file to land in the file structure cache and replacing the f_mode field in the associated file structure, which governs access rights; this makes it possible to make the desired system file, for example /etc/passwd, writable.
Source: opennet.ru
