Mune vatyairi veBroadcom wireless chips
Matambudziko akaonekwa nereverse engineering iyo Broadcom firmware. Iwo machipisi akakanganisika anoshandiswa zvakanyanya mumalaptops, mafoni uye akasiyana emidziyo yevatengi, kubva kuSmartTVs kuenda kuInternet yezvinhu zvishandiso. Kunyanya, machipisi eBroadcom anoshandiswa mumafoni kubva kuvagadziri vakaita seApple, Samsumg uye Huawei. Zvinokosha kuziva kuti Broadcom yakaziviswa nezvekusagadzikana kumashure munaGunyana 2018, asi zvakatora inenge mwedzi 7 kuburitsa zvigadziriso mukubatana nevagadziri vemidziyo.
Kukanganisa kuviri kunokanganisa firmware yemukati uye kunogona kubvumidza kodhi kuti iitwe munharaunda yeanoshanda sisitimu inoshandiswa muBroadcom chips, izvo zvinoita kuti zvikwanise kurwisa nharaunda dzisingashandisi Linux (semuenzaniso, mukana wekurwisa Apple zvishandiso wakasimbiswa.
Kusagadzikana kwemutyairi kunoonekwa mune ese ari maviri wl mutyairi (SoftMAC uye FullMAC) uye yakavhurika sosi brcmfmac (FullMAC). Maviri mabhafa mafashama akaonekwa mumutyairi wewl, akashandiswa apo nzvimbo yekupinda inotumira yakarongedzerwa mameseji eEAPOL panguva yekubatanidza kutaurirana maitiro (kurwiswa kunogona kuitwa kana uchibatanidza kune yakaipa yekupinda nzvimbo). Panyaya yechip neSoftMAC, kusasimba kunotungamira mukukanganisika kweiyo system kernel, uye mune yeFullMAC, iyo kodhi inogona kuurayiwa padivi re firmware. bcmfmac ine buffer kufashukira uye furemu yekutarisa kukanganisa yakashandiswa nekutumira mafuremu ekudzora. Matambudziko nemutyairi webrcmfmac muLinux kernel
Zvinozivikanwa vulnerabilities:
- CVE-2019-9503 - hunhu husina kunaka hwemutyairi webrcmfmac kana uchigadzira mafuremu ekudzora anoshandiswa kupindirana neiyo firmware. Kana furemu ine chiitiko che firmware ichibva kune yekunze sosi, mutyairi anoirasa, asi kana chiitiko ichi chikagamuchirwa kuburikidza nemukati bhazi, furemu inosvetuka. Dambudziko nderokuti zviitiko kubva kune zvigadzirwa zvinoshandisa USB zvinoparidzirwa kuburikidza nebhazi remukati, izvo zvinobvumira vanorwisa kuti vabudirire kutumira firmware control frames pavanoshandisa madhigirii asina waya ane USB interface;
- CVE-2019-9500 - Kana iyo "Wake-up on Wireless LAN" ficha ikagoneswa, zvinokwanisika kukonzera murwi kufashukira mubrcmfmac mutyairi (basa brcmf_wowl_nd_results) nekutumira yakanyatsogadziridzwa yekudzora furemu. Kusagadzikana uku kunogona kushandiswa kuronga kuurayiwa kwekodhi mune huru sisitimu mushure mekunge chip yakanganiswa kana musanganiswa neCVE-2019-9503 kusagadzikana kwekupfuura cheki kana chiitiko chekutumira kure chekudzora furemu;
- CVE-2019-9501 - buffer inofashukira mumutyairi wewl (iyo wrc_wpa_sup_eapol basa) inoitika kana kugadzirisa mameseji ane ruzivo rwemugadziri wemunda wemukati anopfuura makumi matatu nemaviri bytes;
- CVE-2019-9502 - Iyo buffer inofashukira muwl mutyairi (wlc_wpa_plumb_gtk basa) inoitika kana kugadzirisa mameseji ane ruzivo rwemugadziri wemunda wemukati unodarika 164 bytes.
Source: opennet.ru