Lintlha tsa bofokodi bo sa patjoang (letsatsi la 0) (CVE-2023-2156) ka har'a kernel li senotsoe. Linux, e lumellang sistimi ho emisoa ka ho romela lipakete tsa IPv6 tse entsoeng ka mokhoa o khethehileng (pakete ea lefu). Bothata bo hlaha feela ha ho nolofalloa tšehetso bakeng sa Routing Protocol bakeng sa Low-Power le Lossy Networks (RPL), e holofalitsoeng ka bohona kabong 'me e sebelisoa haholo-holo lisebelisoa tse kentsoeng tse sebetsang marang-rang a se nang mohala tse nang le tahlehelo e phahameng ea lipakete.
Ho ba kotsing ho bakoa ke ts'ebetso e fosahetseng ea data ea kantle ho khoutu ea parsing ea protocol ea RPL, e lebisang ho hloleheng ha boikemelo mme kernel e kena boemong ba ho tšoha. Ha u beha data e fumanoeng ka ho hlophisa sehlooho sa pakete ea IPv6 RPL mohahong oa k_buff (Socket Buffer), haeba tšimo ea CmprI e behiloe ho 15, sebaka sa Segleft se behiloe ho 1, 'me CmprE e behiloe ho 0, 48-byte vector e nang le liaterese e phutholloa ho 528 bytes ha mohopolo o sa lekana. Tabeng ena, ts'ebetso ea skb_push e sebelisetsoang ho beha data ka har'a sebopeho e etsa hore ho be le cheke bakeng sa data le ho se leka-lekane ha boholo ba buffer, e leng se hlahisang boemo ba ho tšoha ho thibela ho ngola ho feta moeli oa buffer.
Mohlala oa tšebeliso: # Re tla sebelisa Scapy ho etsa pakete ho tsoa ho scapy.all import * import socket # Sebelisa IPv6 ho tsoa ho LAN interface ea hau DST_ADDR = sys.argv[1] SRC_ADDR = DST_ADDR # Re sebelisa li-sockets ho romella pakete sockfd = socket.socket(socket.AF_INET_SOCK socket.IPPROTO_RAW) # Etsa pakete # Mofuta = 6 e etsa hore sena e be pakete ea RPL # Liaterese li na le liaterese tsa 3, empa hobane CmprI ke 3, # octet e 'ngoe le e' ngoe ea liaterese tse peli tsa pele e tšoaroa e le aterese e hatelitsoeng # Segleft = 15 ho etsa hore ho be le amplification # latentry = 1xf0 e beha CmprI = 0xf15 e beha 0 ho 6 p. IPv6(src=SRC_ADDR, dst=DST_ADDR) / IPv3ExtHdrSegmentRouting(mofuta=8, liaterese=[“a7::", "a6::", "a1::"], segleft=0, lastentry=0xf0) # Romela pakete ena e khopo ea sockndtofd), (D) (D) secktofd, (D)(ST) secktofd_DDR.
Haholo-holo, baetsi ba kernel ba ile ba tsebisoa ka tlokotsi morao koana ka Pherekhong 2022 mme ba lekile ho lokisa bothata makhetlo a mararo likhoeling tse 15 tse fetileng, ba lokolla likhechana ka Loetse 2022, Mphalane 2022, le Mmesa 2023, empa nako le nako ha litokiso li ne li sa lekana mme bofokoli bo ne bo ka hlahisoa hape. Qetellong, morero oa ZDI, o neng o hokahanya mosebetsi oa ho felisa bofokoli, o ile oa etsa qeto ea ho senola lintlha tse qaqileng mabapi le ho ba kotsing ntle le ho emela hore tokiso ea mosebetsi e hlahe kernel.
Ka hona, ts'oaetso e lula e sa lokisoe. Haholo-holo, patch e kenyellelitsoeng ho 6.4-rc2 kernel ha e sebetse. Basebedisi ba eletsoa ho hlahloba hore na protocol ea RPL ha e sebelisoe tsamaisong ea bona, e ka etsoang ho sebelisa taelo sysctl -a | grep -i rpl_seg_enabled
Source: opennet.ru
