Ubuthathaka (CVE-2022-1972) ichongiwe kwi-Netfilter kernel subsystem, efana nengxaki echazwe ekupheleni kukaMeyi. Ubuthathaka obutsha bukwavumela umsebenzisi wasekhaya ukuba afumane amalungelo engcambu kwinkqubo ngokusetyenziswa kwemithetho kwi-nftables kwaye ifuna ukufikelela kwi-nftables ukwenza uhlaselo, olunokuthi lufumaneke kwindawo yamagama eyahlukileyo (indawo yegama lomnatha okanye indawo yegama lomsebenzisi) nge-CLONE_NEWUSER, CLONE_NEWNS okanye CLONE_NEWNET amalungelo (umzekelo , ukuba kunokwenzeka ukuqhuba isikhongozeli esisodwa).
Umba ubangelwa bug kwikhowudi yokuphatha uluhlu olucwangcisiweyo olunemihlaba ebandakanya uluhlu oluninzi, kwaye iziphumo zokubhala ngaphandle kwemida xa kusetyenzwa ngokukhethekileyo iiparameters zoluhlu. Abaphandi baye bakwazi ukulungiselela i-exploit esebenzayo ukufumana amalungelo engcambu kwi-Ubuntu 21.10 kunye ne-5.13.0-39-generic kernel. Ukuba sesichengeni kubonakala ukuqala kwi-kernel 5.6. Ulungiso lubonelelwa njengepetshi. Ukuvala ukusetyenziswa komngcipheko kwiinkqubo eziqhelekileyo, kufuneka uqiniseke ukuba uvala amandla okwenza izithuba zamagama kubasebenzisi abangenalungelo (βsudo sysctl -w kernel.unprivileged_userns_clone=0β).
Ukongeza, ulwazi luye lwapapashwa malunga nobuthathaka obuthathu bekernel ezinxulumene nenkqubo ephantsi ye-NFC. Ubuthathaka bunokubangela ungqubano ngezenzo ezenziwa ngumsebenzisi ongafanelekanga (izixhobo zokuhlasela eziyingozi azikaboniswa):
- I-CVE-2022-1734 kukufowuna emva kwememori esimahla kumqhubi we-nfcmrvl (abaqhubi/nfc/nfcmrvl), eyenzeka xa ulinganisa isixhobo se-NFC kwindawo yomsebenzisi.
- I-CVE-2022-1974 - Umnxeba osele ukhululiwe kwimemori yenzeke kwimisebenzi ye-netlink yezixhobo ze-NFC (/net/nfc/core.c), eyenzeka xa kubhaliswa isixhobo esitsha. Njengobuthathaka obudlulileyo, ingxaki ingasetyenziswa ngokulinganisa isixhobo se-NFC kwindawo yomsebenzisi.
- I-CVE-2022-1975 yimpazamo kwikhowudi yokulayisha i-firmware yezixhobo ze-NFC ezinokuxhatshazwa ukuze kubangele imeko "yoloyiko".
umthombo: opennet.ru