I-Netfilter, i-Linux kernel subsystem esetyenziselwa ukucoca kunye nokuguqula iipakethi zenethiwekhi, inomngcipheko (akukho CVE eyabelwe) enokuvumela umsebenzisi wasekhaya ukuba enze ikhowudi yezinga le-kernel kwaye aphakamise amalungelo abo kwinkqubo. Abaphandi babonise i-exploit evumela umsebenzisi wasekhaya ukuba abe yingcambu ku-Ubuntu 22.04 nge-kernel 5.15.0-39-generic. Ekuqaleni, ulwazi malunga nokuba semngciphekweni kwakucetywe ukuba lupapashwe ngo-Agasti 15, kodwa ngenxa yokukopishwa kweleta kunye neprototype ye-exploit kuluhlu lweposi yoluntu, ukuvalwa kokuchazwa kolwazi kwasuswa.
Ingxaki ikhona ukususela ekukhutshweni kwe-5.8 kernel kwaye ibangelwa ukuphuphuma kwe-buffer kwikhowudi yokusingatha uluhlu olusetiweyo kwimodyuli ye-nf_tables ngenxa yokungabikho kokuhlolwa okufanelekileyo kumsebenzi we-nft_set_elem_init. I-bug ikwinguquko eyandisa indawo yokugcina izinto zoluhlu ukuya kwi-128 bytes.
Uhlaselo lufuna ukufikelela kwi-nftables, enokufunyanwa kwindawo yamagama yothungelwano eyahlukileyo (izithuba zegama lomsebenzi womnatha) ukuba unamalungelo CLONE_NEWUSER, CLONE_NEWNS okanye CLONE_NEWNET (umzekelo, ukuba unokusebenzisa isikhongozeli esizimeleyo). Ulungiso alukafumaneki. Ukuvala ukusetyenziswa kobuthathaka kwiinkqubo eziqhelekileyo, kufuneka uqinisekise ukuba ukukwazi ukwenza izithuba zamagama ngabasebenzisi abangafanelekanga kuvaliwe ("sudo sysctl -w kernel.unprivileged_userns_clone=0").
umthombo: opennet.ru