Vulnerabilities in swhkd, a hotkey manager for Wayland

A series of vulnerabilities has been identified in swhkd (Simple Wayland HotKey Daemon), caused by incorrect handling of temporary files, command-line parameters and Unix sockets. The program is written in Rust and handles hotkey presses in environments based on the Wayland protocol (a configuration-file-compatible analogue of the sxhkd process used in X11-based environments).

The package includes an unprivileged swhks process that performs the hotkey actions, and a background swhkd process that runs as root and interacts with input devices at the level of the uinput API. A Unix socket is used for communication between swhks and swhkd. Through Polkit rules, any local user can run the /usr/bin/swhkd process as root and pass arbitrary parameters to it.

Identified vulnerabilities:

  • CVE-2022-27815 - The process PID is saved to a file with a predictable name in a directory writable by other users (/tmp/swhkd.pid). Any user can create the file /tmp/swhkd.pid and put the PID of an existing process in it, which prevents swhkd from starting. If there is no protection against creating symbolic links in /tmp, the vulnerability can be used to create or overwrite files in any system directory (the PID is written to the file) or to learn the contents of any file on the system (swhkd prints the entire contents of the PID file to stdout). Notably, in the released fix the PID file was moved not to the /run directory but to /etc (/etc/swhkd/runtime/swhkd_{uid}.pid), where it does not belong either.
  • CVE-2022-27814 - By manipulating the "-c" command-line option used to specify the configuration file, it is possible to determine whether any file exists on the system. For example, to check for /root/.somefile you can run "pkexec /usr/bin/swhkd -d -c /root/.somefile", and if the file is missing, the error "/root/.somefile doesn't exist" is displayed. As with the first vulnerability, the fix is puzzling: it amounts to launching the external "cat" utility ('Command::new("/bin/cat").arg(path).output()') to read the configuration file.
  • CVE-2022-27819 - This issue is also related to the "-c" option: the entire configuration file is loaded and parsed without checking the size and type of the file. For example, to cause a denial of service by exhausting free memory and generating spurious I/O, you can specify a block device at startup ("pkexec /usr/bin/swhkd -d -c /dev/sda") or a character device that produces an endless stream of data. The problem was addressed by dropping privileges before opening the file, but the fix was incomplete: only the user ID (UID) is reset, while the group ID (GID) stays the same.
  • CVE-2022-27818 - The Unix socket is created using the file /tmp/swhkd.sock in a world-writable directory, which leads to problems similar to the first vulnerability (any user can create /tmp/swhkd.sock and generate or intercept key-press events).
  • CVE-2022-27817 - Input events are accepted from all devices and in all sessions, i.e. a user from another Wayland session or from the console can intercept events when hotkeys are pressed by other users.
  • CVE-2022-27816 - The swhks process, like swhkd, uses a PID file, /tmp/swhks.pid, in the world-writable /tmp directory. The problem is similar to the first vulnerability, but is less dangerous because swhks runs under an unprivileged user.
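
The size and type check that CVE-2022-27819 describes as missing can be done on the already opened file handle. The following is an added example, not swhkd's own code: the function name load_config, the helper reject and the 1 MiB limit MAX_CONFIG_BYTES are assumptions, and the sample configuration is constructed.

```rust
use std::fs::{File, OpenOptions};
use std::io::{self, Read, Write};
use std::path::Path;

// Assumed upper bound for a hotkey config; not a value taken from swhkd.
const MAX_CONFIG_BYTES: u64 = 1024 * 1024;

fn reject(msg: &str) -> io::Error {
    io::Error::new(io::ErrorKind::InvalidInput, msg)
}

// Hypothetical loader: validate the opened handle, then read a bounded amount.
fn load_config(path: &Path) -> io::Result<String> {
    let file = File::open(path)?;
    // metadata() is fstat() on the descriptor we already hold, so the path
    // cannot be swapped between this check and the read below.
    let meta = file.metadata()?;
    if !meta.file_type().is_file() {
        return Err(reject("config is not a regular file"));
    }
    if meta.len() > MAX_CONFIG_BYTES {
        return Err(reject("config file is too large"));
    }
    // Cap the read too: the file may grow after the size check.
    let mut text = String::new();
    file.take(MAX_CONFIG_BYTES + 1).read_to_string(&mut text)?;
    if text.len() as u64 > MAX_CONFIG_BYTES {
        return Err(reject("config file is too large"));
    }
    Ok(text)
}

fn main() -> io::Result<()> {
    // Constructed sample config; create_new (O_EXCL) refuses an existing
    // file or symlink at this path.
    let sample = std::env::temp_dir().join(format!("example_{}.conf", std::process::id()));
    let mut f = OpenOptions::new().write(true).create_new(true).open(&sample)?;
    f.write_all(b"super + Return\n    alacritty\n")?;
    println!("regular file: {:?}", load_config(&sample).map(|s| s.len()));
    println!("directory:    {:?}", load_config(&std::env::temp_dir()).map(|s| s.len()));
    println!("/dev/zero:    {:?}", load_config(Path::new("/dev/zero")).map(|s| s.len()));
    std::fs::remove_file(&sample)
}
```

File::open on a FIFO blocks until a writer appears, so this check complements dropping both the UID and the GID before the open rather than replacing it.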

Source: opennet.ru