Ubuthathaka (CVE-2021-27365) ichongiwe kwikhowudi ye-iSCSI ye-subsystem ye-Linux kernel, evumela umsebenzisi wasekhaya ongenanto ukuba enze ikhowudi kwinqanaba le-kernel kwaye afumane amalungelo engcambu kwinkqubo. Iprototype esebenzayo ye-exploit iyafumaneka ukuvavanywa. Ukuba sesichengeni kuye kwalungiswa kwi-Linux kernel updates 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, kunye ne-4.4.260. Uhlaziyo lwephakheji yeKernel luyafumaneka kwiDebian, Ubuntu, SUSE/openSUSE, Arch Linux kunye nokuhanjiswa kweFedora. Akukho lungiso lukhutshiweyo lwe-RHEL okwangoku.
Ingxaki ibangelwa yimpazamo kumsebenzi we iscsi_host_get_param () ukusuka kwimodyuli ye-libiscsi, eyaziswa emva ngo-2006 ngexesha lophuhliso lwenkqubo engaphantsi ye-iSCSI. Ngenxa yokunqongophala kokujongwa kobungakanani obufanelekileyo, ezinye iimpawu zoyelelwano lwe-iSCSI, njengegama lenginginya okanye igama lomsebenzisi, zinokugqitha kwi- PAGE_SIZE ixabiso (4 KB). Ukuba sesichengeni kungasetyenziswa ngumsebenzisi ongenalungelo lokuthumela imiyalezo ye-Netlink emisela iimpawu ze-iSCSI kumaxabiso amakhulu kuno-PAGE_SIZE. Xa ezi mpawu zifundwa ngeesysfs okanye iiseqfs, ikhowudi ibizwa ngokuba igqithisa iimpawu zomsebenzi wesprintf ukuze zikhutshelwe kwisithinteli esinobungakanani obuyi-PAGE_SIZE.
Ukusetyenziswa kobuthathaka kunikezelo kuxhomekeke kwinkxaso yolayisho oluzenzekelayo lwe scsi_transport_iscsi imodyuli yekernel xa uzama ukwenza i NETLINK_ISCSI socket. Kwizabelo apho le modyuli ilayishwa ngokuzenzekelayo, uhlaselo lunokwenziwa kungakhathaliseki ukusetyenziswa kwe-iSCSI ukusebenza. Ngexesha elifanayo, ukusebenzisa ngempumelelo ukuxhaphazwa, ukubhaliswa ubuncinane bezothutho ze-iSCSI zongezelelweyo ziyafuneka. Kwakhona, ukubhalisa uthutho, ungasebenzisa i-ib_iser kernel module, elayishwa ngokuzenzekelayo xa umsebenzisi ongenanto ezama ukwenza i-NETLINK_RDMA socket.
Ukulayishwa okuzenzekelayo kweemodyuli eziyimfuneko kwisicelo sokuxhaphaza kuxhaswa kwi-CentOS 8, i-RHEL 8 kunye ne-Fedora xa ufaka iphakheji ye-rdma-core kwinkqubo, exhomekeke kwezinye iipakethe ezidumileyo kwaye ifakwe ngokungagqibekanga kuqwalaselo lweendawo zokusebenza, iinkqubo zeseva kunye I-GUI kunye neendawo ezisingqongileyo ezibonakalayo. Nangona kunjalo, i-rdma-core ayifakelwanga xa usebenzisa indibano yeseva esebenza kuphela kwimowudi yekhonsoli kwaye xa ufaka umfanekiso omncinci wofakelo. Ngokomzekelo, iphakheji ifakwe kwisiseko sokusasazwa kwe-Fedora 31 Workstation, kodwa ayifakwanga kwi-Fedora 31 Server. I-Debian kunye ne-Ubuntu ayikhuselekanga kancinci kwingxaki kuba iphakheji ye-rdma-core ilayisha iimodyuli ze-kernel ezifunekayo kuhlaselo kuphela ukuba i-hardware ye-RDMA ikhona.
Njengomsebenzi wokhuseleko, unokukhubaza ukulayisha ngokuzenzekelayo kwimodyuli ye-libiscsi: echo "faka i-libiscsi /bin/true" >> /etc/modprobe.d/disable-libiscsi.conf
Ukongeza, izinto ezimbini ezinobungozi obunganeno obunokukhokelela ekuvuzeni kwedatha kwi-kernel zilungisiwe kwinkqubo ephantsi ye-iSCSI: CVE-2021-27363 (iSCSI inkcazo yenkcazelo yothutho yokuvuza nge-sysfs) kunye ne-CVE-2021-27364 (ngaphandle kwemida ye-buffer funda). Obu bubuthathaka bunokusetyenziswa ukunxibelelana ngesokethi ye-netlink kunye nenkqubo engaphantsi ye-iSCSI ngaphandle kwamalungelo ayimfuneko. Umzekelo, umsebenzisi ongenanto angaqhagamshelwa kwi-iSCSI kwaye akhuphe umyalelo othi "phelisa iseshoni" ukuze kupheliswe iseshoni.
umthombo: opennet.ru