A vulnerability (CVE-2021-29154) yakaonekwa mune eBPF subsystem, iyo inokutendera kuti umhanye vabati vekutsvaga, kuongorora mashandiro e subsystems uye kutonga traffic, inouraiwa mukati meLinux kernel mumuchina wakasarudzika une JIT, unobvumira a mushandisi wepanzvimbo kuti awane kuurayiwa kwekodhi yavo padanho re kernel. Dambudziko rinoratidzika kusvika pakuburitswa kwe5.11.12 (inosanganisira) uye haisati yagadziriswa mukugovera (Debian, Ubuntu, RHEL, Fedora, SUSE, Arch). Iyo gadziriso inowanikwa sechigamba.
Sekureva kwevaongorori vakaona kusazvibata, vakakwanisa kugadzira prototype yekushandiswa kwe32- uye 64-bit x86 masisitimu, ayo anogona kushandiswa nemushandisi asina rusarura. Nekudaro, Red Hat inocherekedza kuti kuoma kwedambudziko kunoenderana nekuti iyo eBPF system yekufona inowanikwa kune mushandisi. Semuyenzaniso, paRHEL uye mamwe akawanda eLinux kugovera mune yekumisikidza, kusazvibata kunogona kushandiswa kana BPF JIT ikagoneswa uye mushandisi aine CAP_SYS_ADMIN kodzero. Sekushanda, zvinokurudzirwa kudzima BPF JIT uchishandisa murairo: echo 0> /proc/sys/net/core/bpf_jit_enable
Dambudziko rinokonzerwa nekukanganisa pakuverenga iyo offset yemirairo yebazi panguva yemuchina kodhi yekugadzira maitiro eJIT compiler. Kunyanya, kana uchigadzira mirairo yebazi, hazvifungidzire kuti iyo offset inogona kuchinja mushure mekupfuura nepadanho rekugadzirisa. Uku kukanganisa kunogona kushandiswa kugadzira isinganzwisisike muchina kodhi uye kuiita padanho re kernel.
Izvo zvakakosha kuti uku hakusi iko kwega kusagadzikana muBPF subsystem nguva pfupi yadarika. Pakupera kwaKurume, humwe hurema huviri hwakaonekwa mukernel (CVE-2020-27170, CVE-2020-27171), zvichiita kuti zvikwanise kushandisa eBPF kunzvenga dziviriro kubva kuSpecter class vulnerabilities, iyo inobvumira kuona zviri mukati mekernel memory. semugumisiro wekugadzira mamiriro ekufungidzira kwekuita kwemamwe mabasa. Iyo Specter kurwisa inoda kuvepo kweimwe nhevedzano yemirairo mune yakasarudzika kodhi inotungamira kune yekufungidzira kuita kwemirairo. MuBPF, nzira dzakati wandei dzakawanikwa dzekugadzira mirairo yakadai kuburikidza nekunyengedza nemapurogiramu eBPF anofambiswa kuti aurawe.
Kusagadzikana kweCVE-2020-27170 kunokonzerwa nekunongedza kunongedza muBPF verifier izvo zvinokonzeresa kufungidzira mashandiro ekuwana nzvimbo iri kunze kwemiganhu yebuffer. Kusagadzikana kweCVE-2020-27171 kunokonzerwa nekukanganisika kwehuwandu hwekuyerera paunenge uchishanda nemanongedzo, zvichitungamira kune yekufungidzira kuwana data kunze kwebuffer. Matambudziko aya akatogadziriswa mukernel kuburitswa 5.11.8, 5.10.25, 5.4.107, 4.19.182 uye 4.14.227, uye akaverengerwa mune kernel inogadziridza kune akawanda Linux kugovera. Vatsvagiri vakagadzirira prototype yekubiridzira iyo inobvumira mushandisi asina rusarura kuti abvise data kubva kukernel memory.
Source: opennet.ru