Muchikamu che eBPF, chinokutendera kuti ushandise ma handlers ekutevera, kuongorora mashandiro echikamu uye manejimendi yetraffic, zvinoitwa mukati me kernel. Linux Dambudziko (CVE-2021-29154) rakawanikwa mumuchina chaiwo weJIT, zvichibvumira mushandisi wemunharaunda kushandisa kodhi yake padanho rekernel. Dambudziko iri richiripo kusvika pakuburitswa 5.11.12 uye harisati ragadziriswa mukugoverwa (Debian, Ubuntu, RHEL, Fedora, SUSE, Arch). Kugadzirisa kunowanikwa sechigamba.
Sekureva kwevaongorori vakawana dambudziko iri, vakagadzira prototype inoshanda ye32- ne64-bit x86 systems inogona kushandiswa nemushandisi asina ropafadzo. Red Hat inotaura kuti kuoma kwedambudziko iri kunoenderana nekuti mushandisi anogona kuwana eBPF system call. Semuenzaniso, muRHEL nedzimwe nzira dzakawanda dzekugovera. Linux Mukugadzirisa kwakajairika, kushaya simba kunogona kushandiswa kana BPF JIT ikagoneswa uye mushandisi ane CAP_SYS_ADMIN ropafadzo. Senzira yekugadzirisa dambudziko, zvinokurudzirwa kudzima BPF JIT uchishandisa murairo unoti: echo 0 > /proc/sys/net/core/bpf_jit_enable
Dambudziko rinokonzerwa nekukanganisa pakuverenga iyo offset yemirairo yebazi panguva yemuchina kodhi yekugadzira maitiro eJIT compiler. Kunyanya, kana uchigadzira mirairo yebazi, hazvifungidzire kuti iyo offset inogona kuchinja mushure mekupfuura nepadanho rekugadzirisa. Uku kukanganisa kunogona kushandiswa kugadzira isinganzwisisike muchina kodhi uye kuiita padanho re kernel.
Izvo zvakakosha kuti uku hakusi iko kwega kusagadzikana muBPF subsystem nguva pfupi yadarika. Pakupera kwaKurume, humwe hurema huviri hwakaonekwa mukernel (CVE-2020-27170, CVE-2020-27171), zvichiita kuti zvikwanise kushandisa eBPF kunzvenga dziviriro kubva kuSpecter class vulnerabilities, iyo inobvumira kuona zviri mukati mekernel memory. semugumisiro wekugadzira mamiriro ekufungidzira kwekuita kwemamwe mabasa. Iyo Specter kurwisa inoda kuvepo kweimwe nhevedzano yemirairo mune yakasarudzika kodhi inotungamira kune yekufungidzira kuita kwemirairo. MuBPF, nzira dzakati wandei dzakawanikwa dzekugadzira mirairo yakadai kuburikidza nekunyengedza nemapurogiramu eBPF anofambiswa kuti aurawe.
Vulnerability CVE-2020-27170 inokonzerwa nekuchinja kwepointer muBPF verifier, zvichikonzera kufungidzira kwekunze kwemiganhu. Vulnerability CVE-2020-27171 ine chekuita nekukanganisa kwenhamba yenhamba pasi pemagetsi pakubata mapointer, zvichikonzera kufungidzira kwekunze kwemiganhu. Matambudziko aya atogadziriswa mu kernel releases 5.11.8, 5.10.25, 5.4.107, 4.19.182, uye 4.14.227, uye anowanikwawo mu kernel updates kune akawanda ma distributions. LinuxVatsvaguri vakagadzira prototype exploit inobvumira mushandisi asina rombo kutora data kubva mu kernel memory.
Source: opennet.ru
