Vulnerabilities in drivers for Broadcom WiFi chips that allow remote attacks on the system

Four vulnerabilities have been disclosed in drivers for Broadcom wireless chips. In the simplest case, the vulnerabilities can be used to cause a denial of service remotely, but scenarios cannot be ruled out in which an exploit is developed that allows an unauthenticated attacker to execute code with Linux kernel privileges by sending specially crafted packets.

The problems were identified by reverse engineering the Broadcom firmware. The affected chips are widely used in laptops, smartphones and a variety of consumer devices, from SmartTVs to Internet of Things devices. In particular, Broadcom chips are used in smartphones from manufacturers such as Apple, Samsung and Huawei. It is worth noting that Broadcom was notified of the vulnerabilities in September 2018, but it took about 7 months to release fixes in coordination with equipment manufacturers.

Two of the vulnerabilities affect the internal firmware and potentially allow code to be executed in the environment of the operating system used on Broadcom chips, which makes it possible to attack environments that do not use Linux (for example, the possibility of attacks on Apple devices has been confirmed, CVE-2019-8564). Recall that some Broadcom Wi-Fi chips are a specialized processor (ARM Cortex R4 or M3) that runs something like an operating system with its own implementation of the 802.11 wireless stack (FullMAC). In such chips, the driver provides the interaction between the main system and the Wi-Fi chip firmware. To gain full control over the main system after FullMAC has been compromised, it is proposed to use additional vulnerabilities or, on some chips, to take advantage of full access to system memory. In chips with SoftMAC, the 802.11 wireless stack is implemented on the driver side and is executed by the system CPU.

The driver vulnerabilities appear both in the wl driver (SoftMAC and FullMAC) and in the open-source brcmfmac (FullMAC). Two buffer overflows were found in the wl driver; they are exploited when the access point sends specially crafted EAPOL messages during the connection negotiation process (the attack can be carried out when connecting to a malicious access point). In the case of a chip with SoftMAC, the vulnerabilities lead to compromise of the system kernel, and in the case of FullMAC, code can be executed on the firmware side. brcmfmac contains a buffer overflow and a frame-checking error, both exploited by sending control frames. The problems in the brcmfmac driver in the Linux kernel were fixed in February.

Identified vulnerabilities:

  • CVE-2019-9503 - incorrect behavior of the brcmfmac driver when processing control frames used to interact with the firmware. If a frame carrying a firmware event comes from an external source, the driver discards it, but if the event is received over the internal bus, the frame is let through. The problem is that events from devices using USB are transmitted over the internal bus, which allows attackers to successfully pass firmware control frames when wireless adapters with a USB interface are used;
  • CVE-2019-9500 - when the "Wake-up on Wireless LAN" feature is enabled, it is possible to cause a buffer overflow in the brcmfmac driver (function brcmf_wowl_nd_results) by sending a specially modified control frame. This vulnerability can be used to organize code execution on the main system after the chip has been compromised, or in combination with the CVE-2019-9503 vulnerability to bypass the check in the case of a control frame sent remotely;
  • CVE-2019-9501 - buffer overflow in the wl driver (function wlc_wpa_sup_eapol) that occurs when processing messages in which the vendor information is larger than 32 bytes;
  • CVE-2019-9502 - buffer overflow in the wl driver (function wlc_wpa_plumb_gtk) that occurs when processing messages in which the vendor information is larger than 164 bytes.
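
The length check whose absence CVE-2019-9501 and CVE-2019-9502 describe, as an added example that is not code from the wl driver or from the original article. It assumes the vendor information arrives as a standard 802.11 ID/length/value element (vendor-specific ID 0xDD); the function names and buffer layout are hypothetical, and only the 32 and 164 byte limits come from the text above.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IE_VENDOR   0xDD  /* 802.11 vendor-specific element ID (assumed) */
#define SUP_BUF_LEN 32    /* limit cited for CVE-2019-9501 */
#define GTK_BUF_LEN 164   /* limit cited for CVE-2019-9502 */

/* Walk ID/length/value elements in `data` and copy the body of the first
 * vendor element into `dst` (capacity `cap`).
 * Returns bytes copied, -1 if an element runs past the data or no vendor
 * element is present, -2 if the element is larger than the destination. */
int copy_vendor_ie(const uint8_t *data, size_t len, uint8_t *dst, size_t cap)
{
    size_t off = 0;

    while (len - off >= 2) {            /* room for ID + length bytes */
        uint8_t id   = data[off];
        size_t  elen = data[off + 1];

        if (elen > len - off - 2)       /* declared length exceeds the data */
            return -1;
        if (id == IE_VENDOR) {
            if (elen > cap)             /* the bound an unchecked copy omits */
                return -2;
            memcpy(dst, data + off + 2, elen);
            return (int)elen;
        }
        off += 2 + elen;                /* skip to the next element */
    }
    return -1;
}

/* Constructed sample: a 2-byte non-vendor element followed by a vendor
 * element carrying `body_len` bytes. Returns copy_vendor_ie()'s result. */
int try_sample(uint8_t body_len, size_t cap)
{
    uint8_t frame[6 + 255] = { 0x30, 2, 0x01, 0x00, IE_VENDOR, body_len };
    uint8_t dst[GTK_BUF_LEN];

    memset(frame + 6, 0xAA, body_len);
    if (cap > sizeof(dst))
        cap = sizeof(dst);
    return copy_vendor_ie(frame, 6u + body_len, dst, cap);
}
```

The attacker-controlled length byte is compared against both the remaining input and the destination capacity before any copy, so an oversized element is rejected instead of written past the buffer.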

Source: opennet.ru
