Eyona nto iphambili Linux Ubuthathaka besine (CVE-2026-46300) buchongiwe kwiiveki ezimbini ezidlulileyo. Olu buthathaka luvumela umsebenzisi ongenamalungelo ukuba afumane amalungelo eengcambu ngokubhala ngaphezulu idatha kwi-cache yephepha. Ubuthathaka bubizwa ngokuba yiFragnesia, okanye iCopy Fail 3.0. Ubuthathaka bufana nobuthathaka beCopy Fail kunye neDirty Frag obuchazwe ngaphambili. NjengeDirty Frag, ubuthathaka obutsha bukhona kwinkqubo encinci ye-xfrm-ESP, kodwa bubangelwa yimpazamo eyahlukileyo kwaye bufuna ukulungiswa okwahlukileyo. Kukho i-exploit esebenzayo.
Ubuthathaka bubonakala kwiinkozo Linux, ikhutshwe emva komhla wesi-5 kuMeyi, ngenxa yokusebenza ngengozi kwe-Dirty Frag vulnerability patch. Ukujongana nobuthathaka be-Fragnesia kernel Linux Kucetywe ukulungiswa. Uhlalutyo lwale ngxaki lubonise ukuba ayonelanga, emva koko kwalungiswa esinye isiqwenga.
Ubungonakali bukhona kwinkqubo engaphantsi ye-xfrm yokusebenzisa indlela yokufaka i-Encapsulating Security Payload (ESP) kwi-TCP (ESP-in-TCP, RFC 8229), esetyenziselwa ukuhambisa ithrafikhi ye-IPsec ngaphezulu kwe-TCP. Ukuthintela ukubethelwa okungeyomfuneko, imisebenzi esebenzisa i-algorithm ye-AES-GCM yenziwe endaweni yayo ngokwenza umsebenzi we-XOR kwidatha ekwi-page cache. Impazamo engqiqweni yenze iimeko ezivumela ukubhala ngaphezulu i-byte enye kwi-page cache kwi-offset echaziweyo. Ukuphinda le misebenzi kuvumele umxholo wayo nayiphi na ifayile kwi-page cache ukuba iguqulwe i-byte nge-byte.
Yonke imisebenzi yokufunda iifayile iqala ngokufumana umxholo kwi-cache yephepha. Ukuba idatha ekwi-cache yephepha itshintshiwe, imisebenzi yokufunda iifayile iya kubuyisela idatha etshintshiweyo, hayi ulwazi olugcinwe kwi-drive. Ukusetyenziswa kobuthathaka kubandakanya ukuguqula i-cache yephepha kwifayile esebenzisekayo eneflegi ye-suid root, efundwa ngaphambili ukuze ifakwe kwi-cache yephepha. Kwi-exploit ecetywayo ngabaphandi, ii-bytes zokuqala ezili-192 zefayile ye-/usr/bin/su kwi-cache yephepha zibhalwa ngaphezulu ngekhowudi yokuqalisa i-/usr/bin/sh. Ukuphunyezwa okulandelayo kwesixhobo se-"su" kubangela ukuba ikopi eguquliweyo evela kwi-cache yephepha ilayishwe kwimemori, kungekhona ifayile yokuqala esebenzisekayo evela kwi-drive.
Ukuze usebenzise ubutshaba beFragnesia, kufuneka kusebenze izithuba zamagama zomsebenzisi kwinkqubo. Ubuntu Olu sebenzi lukhutshaziwe ngokungagqibekanga, kodwa lunokwenziwa lusebenze nge-"kernel.apparmor_restrict_unprivileged_userns=0" sysctl okanye iiprofayili ze-AppArmor. Kwezinye iindawo zokusasazwa, ukufikelela kwi-"user namespace" yabasebenzisi abangenamalungelo kuxhomekeke kulungiselelo lwe-sysctl lwe-"kernel.unprivileged_userns_clone" (ukuba yi-0, ikhutshaziwe).
Uhlaziyo lweKernel patch Linux kunye neepakethe zekernel kulwabiwo azikapapashwa. Imeko yokulungiswa kobuthathaka kulwabiwo ingavavanywa kwezi phepha: Debian, Ubuntu, SUSE/openSUSE, RHEL, Gentoo, Arch, Fedora. Njengendlela yokusombulula ingxaki, ungathintela ukulayishwa kweemodyuli ze-kernel ze-esp4 kunye ne-esp6:
sh -c "printf 'faka i-esp4 /bin/false\ninstall esp6 /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 2>/dev/null; yinyani"
umthombo: opennet.ru
