KwiFreeBSD
Obona buthathaka bunobungozi (
natd (ukuba usebenzisa isithuba somsebenzisi ukuphunyezwa kweNAT). Umba awuluchaphazeli ulungelelwaniso lwe-NAT olwakhiwe kusetyenziswa izihluzi zepakethe ze-pf kunye ne-ipf, okanye uqwalaselo lwe-ipfw olungasebenzisi i-NAT.
Obunye ubuthathaka:
-
I-CVE-2020-7455 -obunye ubungozi obunokusebenziseka kude kwi-libalias enxulumene nokubalwa okungachanekanga kobude bepakethi kumphathi weFTP. Ingxaki iphelele ekuvuzeni imixholo yee-bytes ezimbalwa zedatha ukusuka kwindawo yememori ye-kernel okanye inkqubo ye-natd. -
I-CVE-2019-15879 - ubuthathaka kwimodyuli ye-cryptodev ebangelwa ukufikelela kwindawo yememori esele ikhululiwe (ukusetyenziswa-emva kokukhululeka), kunye nokuvumela inkqubo engafanelekanga ukuba ibhale ngaphezulu kweendawo ezingafanelekanga zememori ye-kernel. Njengomsebenzi wokuthintela ubuthathaka, kuyacetyiswa ukuba ukhuphe imodyuli ye-cryptodev ngomyalelo we "kldunload cryptodev" ukuba ilayishiwe (i-cryptdev ayilayishwanga ngokungagqibekanga). Imodyuli ye-cryptodev ibonelela ngezicelo zesithuba somsebenzisi kunye nokufikelela kwi-/dev/crypto interface ukufikelela kwi-hardware-accelerated cryptographic operations (/dev/crypto ayisetyenziswa kwi-AES-NI kunye ne-OpenSSL). -
I-CVE-2019-15880 - umngcipheko wesibini kwi-cryptodev, evumela umsebenzisi ongekho semthethweni ukuba aqalise ukuphahlazeka kwe-kernel ngokuthumela isicelo sokwenza umsebenzi we-cryptographic nge-MAC engalunganga. Ingxaki ibangelwa kukunqongophala kokujonga ubungakanani beqhosha le-MAC xa unikezela isithinteli ukusigcina (isikhuseli senziwe ngokusekwe kwidatha yobungakanani obunikezelwe ngumsebenzisi, ngaphandle kokujonga ubungakanani benene). -
I-CVE-2019-15878 - ubuthathaka ekuphunyezweni kwe-SCTP (iProtocol yoLawulo lokuThunyelwa koMsinga) obangelwa kukuqinisekiswa okungachanekanga kwesitshixo ekwabelwana ngaso esisetyenziswe sisandiso se-SCTP-AUTH ukuqinisekisa ukulandelelana kwe-SCTP. Isicelo sendawo sinokuhlaziya isitshixo nge-Socket API ngelixa ngaxeshanye kuphelisa uxhulumaniso lwe-SCTP, oluya kukhokelela ekufikeleleni kwindawo yememori esele ikhululiwe (ukusetyenziswa-emva kwe-free).
umthombo: opennet.ru