Vulnerability in FreeBSD ftpd that allowed root access when using ftpchroot

A critical vulnerability (CVE-2020-7468) has been identified in the ftpd server supplied with FreeBSD. It allows users who are restricted to their home directory with the ftpchroot option to gain full root access to the system.

The problem is caused by a combination of two things. The first is a bug in the implementation of the user isolation mechanism based on the chroot call: if changing the uid or performing chroot and chdir fails, a non-fatal error is raised that does not terminate the session. The second is that an authenticated FTP user is given rights sufficient to bypass the root restriction on file system paths. The vulnerability does not occur when the FTP server is accessed anonymously or when the user logs in fully without ftpchroot. The issue is fixed in updates 12.1-RELEASE-p10, 11.4-RELEASE-p4 and 11.3-RELEASE-p14.
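The failure mode described above, a confinement step that fails without ending the session, is avoided by treating every step as fatal. The following is an added example, not FreeBSD's ftpd code or its patch; the function name, the result enum, the path and the ids are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1        /* exposes chroot() and setgroups() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Which step of the confinement sequence failed (DROP_OK = none). */
enum drop_result { DROP_OK, FAIL_CHROOT, FAIL_CHDIR, FAIL_GROUPS,
                   FAIL_GID, FAIL_UID, FAIL_REGAINED_ROOT };

/*
 * Confine the calling process to `root` and switch to uid/gid.
 * Order matters: chroot() needs privilege, so it runs before the uid
 * change; chdir("/") follows so the working directory is inside the
 * new root. Every return value is checked.
 */
enum drop_result confine_and_drop(const char *root, uid_t uid, gid_t gid)
{
    if (chroot(root) != 0)          return FAIL_CHROOT;
    if (chdir("/") != 0)            return FAIL_CHDIR;
    if (setgroups(1, &gid) != 0)    return FAIL_GROUPS;
    if (setgid(gid) != 0)           return FAIL_GID;
    if (setuid(uid) != 0)           return FAIL_UID;
    /* The drop must be irreversible: regaining uid 0 counts as failure. */
    if (uid != 0 && setuid(0) == 0) return FAIL_REGAINED_ROOT;
    return DROP_OK;
}

/* Hypothetical session entry point: any failure ends the process. */
int main(void)
{
    /* Constructed sample values: a per-user root and an unprivileged id. */
    enum drop_result r = confine_and_drop("/home/ftpuser", 1001, 1001);
    if (r != DROP_OK) {
        /* Fail closed: exit instead of continuing the session with root
         * privileges or an unconfined view of the file system. */
        fprintf(stderr, "confinement failed at step %d, closing session\n", (int)r);
        _exit(1);
    }
    /* ... serve the session only from this point on ... */
    return 0;
}
```
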

In addition, several more vulnerabilities were fixed in 12.1-RELEASE-p10, 11.4-RELEASE-p4 and 11.3-RELEASE-p14:

  • CVE-2020-7467 - a vulnerability in the Bhyve hypervisor that allows a guest environment to write data into the memory of the host environment and gain full access to the host system. The problem is caused by missing restrictions on access to processor instructions that operate on host addresses, and it appears only on systems with AMD CPUs.
  • CVE-2020-24718 - a vulnerability in the Bhyve hypervisor that allows an attacker with root privileges inside isolated environments using Bhyve to execute code at the kernel level. The problem is caused by the lack of proper access restrictions on the VMCS (Virtual Machine Control Structure) on systems with Intel CPUs and the VMCB (Virtual Machine Control Block) on systems with AMD CPUs.
  • CVE-2020-7464 - a vulnerability in the ure driver (USB Ethernet Realtek RTL8152 and RTL8153) that allows spoofing packets from other hosts or injecting packets into other VLANs by sending large frames (more than 2048).

Source: opennet.ru
