ProHoster > Blog > litaba tsa inthanete > Ho ba kotsing ea hole ho liboto tsa seva tsa Intel tse nang le BMC Emulex Pilot 3

Ho ba kotsing ea hole ho liboto tsa seva tsa Intel tse nang le BMC Emulex Pilot 3

Intel tlalehiloe mabapi le ho felisa bofokoli ba 22 ho firmware ea liboto tsa eona tsa li-server, li-server le li-module tsa khomphutha. Mefokolo e meraro, e 'ngoe ea eona e abetsoe boemo bo boima, (CVE-2020-8708 - CVSS 9.6, CVE-2020-8707 - CVSS 8.3, CVE-2020-8706 - CVSS 4.7) hlaha ho firmware ea Emulex Pilot 3 BMC controller e sebelisoang lihlahisoa tsa Intel. Bofokoli bo lumella phihlello e sa netefatsoang ho "remote management console" (KVM), netefatso ea ho feta ha o etsisa lisebelisoa tsa polokelo ea USB, 'me e baka hore buffer e hole e tlalehe ka har'a kernel ea Linux e sebelisoang ho BMC.

Kotsi ea CVE-2020-8708 e lumella mohlaseli ea sa netefatsoang hore a be le phihlello ea karolo e tloaelehileng ea marang-rang ea lehae ka seva e tlokotsing ho fumana phihlello ea tikoloho ea taolo ea BMC. Hoa hlokomeleha hore mokhoa oa ho sebelisa ts'oaetso o bonolo haholo ebile o ka tšeptjoa, kaha bothata bo bakoa ke phoso ea meralo. Ho feta moo, ho ea ka ho latela Kamora hore mofuputsi a tsebe ho ba kotsing, ho sebetsa le BMC ka tšebeliso e mpe ho bonolo ho feta ho sebelisa moreki ea tloaelehileng oa Java. Har'a lisebelisoa tse anngoeng ke bothata bona ke malapa a Intel server systems R1000WT, R2000WT, R1000SP, LSVRP, LR1304SP, R1000WF le R2000WF, motherboards S2600WT, S2600CW, S2600KP, S2600KP, S1200S2600SP, S2600SP2600SP, S2600SP2600SP, S2600SP1.59SP, SXNUMX SXNUMXSP, SXNUMX STP, SXNUMX STP XNUMX XNUMXBP, hammoho le komporo lintlha tsa HNSXNUMXKP, HNSXNUMXTP le HNSXNUMXBP . Bofokoli bo ile ba lokisoa ho ntlafatso ea firmware XNUMX.

Ho ea ka e seng ea semmuso data Firmware ea BMC Emulex Pilot 3 e ngotsoe ke AMI, kahoo e sa qheleloe ka thoko ponahatso ea bofokoli ho litsamaiso tse tsoang ho bahlahisi ba bang. Mathata a teng ho li-patches tsa ka ntle ho Linux kernel le mokhoa oa ho laola sebaka sa mosebedisi, khoutu ea eona e khetholloang ke mofuputsi ea fumaneng bothata e le khoutu e mpe ka ho fetisisa eo a kileng a kopana le eona.

A re hopoleng hore BMC ke molaoli ea khethehileng ea kentsoeng ka har'a li-server, tse nang le li-interfaces tsa eona tsa CPU, memori, polokelo le li-sensor polling, tse fanang ka sebopeho sa boemo bo tlaase bakeng sa ho shebella le ho laola lisebelisoa tsa seva. U sebelisa BMC, ho sa tsotelehe sistimi e sebetsang ho seva, o ka hlokomela boemo ba li-sensor, ho laola matla, firmware le li-disks, ho hlophisa booting e hole holim'a marang-rang, ho netefatsa ts'ebetso ea komporo ea phihlello e hole, jj.

Source: opennet.ru

Eketsa ka tlhaloso