Kotsi e 'ngoe e fumanoe ka har'a sistimi e tlase ea eBPF (ha ho na CVE), joalo ka bothata ba maobane bo lumellang mosebelisi ea se nang tokelo ea lehae hore a phethe khoutu boemong ba Linux kernel. Bothata esale bo hlaha ho tloha Linux kernel 5.8 mme e lula e sa lokisoe. Ts'ebetso ea ts'ebetso e ts'episitsoe hore e tla phatlalatsoa ka la 18 Pherekhong.
Bofokoli bo bocha bo bakoa ke netefatso e fosahetseng ea mananeo a eBPF a fetisoang hore a phethoe. Haholo-holo, verifier ea eBPF ha ea ka ea thibela ka mokhoa o nepahetseng mefuta e meng ea *_OR_NULL pointers, e leng se entseng hore ho khonehe ho laola lintlha tse tsoang mananeong a eBPF le ho finyella keketseho ea litokelo tsa bona. Ho thibela ts'ebeliso ea bofokoli, ho khothaletsoa ho thibela ts'ebetso ea mananeo a BPF ke basebelisi ba se nang tokelo ka taelo "sysctl -w kernel.unprivileged_bpf_disabled=1".
Source: opennet.ru