Ityhiliwe ulwazi malunga ubuthathaka (I-CVE-2019-14835), ekuvumela ukuba uye ngaphaya kwendlela yeendwendwe kwi-KVM (qemu-kvm) kwaye usebenzise ikhowudi yakho kwicala lendawo yenginginya kumxholo we Linux kernel. Ukuba sesichengeni kunikwe igama elithi V-gHost. Ingxaki ivumela inkqubo yeendwendwe ukuba yenze iimeko zokuphuphuma kwebuffer kwimodyuli ye-vhost-net kernel (i-network backend ye-virtio), yenziwe kwicala lendawo engqonge inginginya. Uhlaselo lunokwenziwa ngumhlaseli onelungelo elikhethekileyo lokufikelela kwinkqubo yeendwendwe ngexesha lomsebenzi wokufuduka komatshini.
Ukulungisa Ingxaki ibandakanyiwe ifakwe kwi-Linux 5.3 kernel. Njengeendlela zokusebenza zokuthintela ukuba sesichengeni, unokuvala imfuduko ephilayo yeenkqubo zeendwendwe okanye uvale imodyuli ye-vhost-net (yongeza βuluhlu olumnyama vhost-netβ ku /etc/modprobe.d/blacklist.conf). Ingxaki ibonakala iqala kwi-Linux kernel 2.6.34. Ubuthathaka bulungisiwe Ubuntu ΠΈ Fedora, kodwa ihleli ingalungiswanga Debian, Arch Linux, USUSE ΠΈ RHEL.
umthombo: opennet.ru