Remotely exploitable vulnerabilities in Intel server boards with the Emulex Pilot 3 BMC

Intel has announced fixes for 22 vulnerabilities in the firmware of its server motherboards, server systems and compute modules. Three of the vulnerabilities, one of which is rated critical (CVE-2020-8708 - CVSS 9.6, CVE-2020-8707 - CVSS 8.3, CVE-2020-8706 - CVSS 4.7), are present in the firmware of the Emulex Pilot 3 BMC controller used in Intel products. The vulnerabilities allow unauthenticated access to the remote management console (KVM), allow authentication to be bypassed when emulating USB storage devices, and cause a remotely triggered buffer overflow in the Linux kernel used in the BMC.

CVE-2020-8708 allows an unauthenticated attacker with access to a local network segment shared with the vulnerable server to gain access to the BMC control environment. The exploitation technique is reported to be very simple and reliable, because the problem stems from an architectural error. In addition, according to the researcher who identified the vulnerability, working with the BMC through the exploit is much more convenient than using the standard Java client. Affected equipment includes the Intel server system families R1000WT, R2000WT, R1000SP, LSVRP, LR1304SP, R1000WF and R2000WF, the motherboards S2600WT, S2600CW, S2600KP, S2600ST, S1200, S2600, S2600, S2600, S2600, S2600, S2600, S1.59, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, SXNUMX, LSVRP, LRXNUMX, and LSVRP. XNUMX XNUMXBP, as well as the compute modules HNSXNUMXKP, HNSXNUMXTP and HNSXNUMXBP. The vulnerabilities are fixed in firmware update XNUMX.

According to unofficial information, the firmware for the Emulex Pilot 3 BMC was written by AMI, so it cannot be ruled out that the vulnerabilities also appear in systems from other manufacturers. The problems are in external patches to the Linux kernel and in the user-space control process, code that the researcher who identified the problems described as the worst they had ever encountered.

Recall that a BMC is a specialized controller installed in servers. It has its own CPU, memory, storage and sensor polling interfaces, and it provides a low-level interface for monitoring and managing server hardware. Using the BMC, regardless of the operating system running on the server, you can monitor sensor status, manage power, firmware and disks, set up remote booting over the network, provide a remote access console, and so on.

Source: opennet.ru
