Kusagadzikana kuviri kwakaonekwa muLinux kernel (CVE-2023-1281, CVE-2023-1829) iyo inobvumira mushandisi wemuno kukwidziridza maropafadzo avo muhurongwa. Kuita kurwiswa, mvumo yekugadzira nekugadzirisa traffic classifiers inodiwa, inowanikwa neCAP_NET_ADMIN kodzero, iyo inogona kuwanikwa nekugona kugadzira emushandisi mazita. Matambudziko akaonekwa achitangira ku kernel 4.14 uye akagadziriswa mubazi re6.2.
Kusagadzikana kunokonzerwa nekuwana ndangariro mushure mekusunungurwa (kushandisa-mushure-kwemahara) mune tcindex traffic classifier kodhi, inova chikamu cheQoS (Hunhu hwebasa) subsystem yeLinux kernel. Kusagadzikana kwekutanga kunoitika nekuda kwechimiro chenhangemutange kana uchigadziridza suboptimal hashi mafirita, uye kusadzikama kwechipiri kunoitika pakudzima yakakwana hashi sefa. Iwe unogona kutevedzera zvigadziriso mukugoverwa pamapeji anotevera: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Gentoo, Arch. Kuvhara kushandiswa kwekusagadzikana uchishandisa workaround, unogona kudzima kugona kugadzira mazita nevashandisi vasina rombo rakanaka ("sudo sysctl -w kernel.unprivileged_userns_clone=0").
Source: opennet.ru