Eyona nto iphambili Linux Kuchongwe ubuthathaka obubini (i-CVE-2023-1281 kunye ne-CVE-2023-1829) obunokuvumela umsebenzisi wasekuhlaleni ukuba andise amalungelo akhe. Olu hlaselo lufuna ukukwazi ukudala nokuguqula ii-classifiers zethrafikhi, ezifumaneka ngelungelo le-CAP_NET_ADMIN, elinokufunyanwa ngokudala izithuba zamagama zomsebenzisi. Ezi ngxaki bezikho ukususela kwi-kernel 4.14 kwaye zilungisiwe kwi-kernel 6.2.
Ubuthathaka bubangelwa kubuthathaka bokusetyenziswa emva kokungasebenzi kwikhowudi ye-tcindex traffic classifier, eyinxalenye yenkqubo engaphantsi yekernel yoMgangatho weNkonzo (QoS). LinuxUbuthathaka bokuqala bubangelwa yimeko yobuhlanga xa kuhlaziywa izihluzi ze-hash ezingagqibelelanga, kwaye okwesibini kwenzeka xa kususwa isihluzi se-hash esifanelekileyo. Ungalandela i-patch kwiisasazo kula maphepha alandelayo: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Gentoo, Arch. Ukuthintela ukusetyenziswa kakubi kobuthathaka, ungavala amandla okwenza izithuba zamagama zabasebenzisi abangenamalungelo ("sudo sysctl -w kernel.unprivileged_userns_clone=0").
umthombo: opennet.ru
