Abaphuhlisi benkqubo yokusebenza yeselula ye-Aurora (ifolokhwe ye-Sailfish OS ephuhliswe yinkampani ye-Open Mobile Platform) babelane ngebali elivezayo malunga nokuphelisa. () kwi-Glibc, ebonakala kuphela kwiqonga le-ARMv7. Ulwazi malunga nokuba sesichengeni lubhengezwe ngoMeyi, kodwa kude kube kwiintsuku zamva nje, ukulungiswa bekungafumaneki, ngaphandle kwento yokuba sesichengeni. inqanaba eliphezulu lengozi kwaye kukho iprototype esebenzayo ye-exploit ekuvumela ukuba uququzelele uphunyezo lwekhowudi xa kusetyenzwa idatha efomathiweyo ngendlela ethile kwi memcpy () kunye ne memmove () imisebenzi. Ukulungiswa kwepakethi ye ΠΈ ayikakhululwa kwaye ubuthathaka buhlala bungazinzanga kangangeenyanga ezimbini ukusuka kumzuzu wokubhengezwa koluntu kunye neenyanga ezintlanu ukusukela oko abaphuhlisi be-Glibc bazisiwe.
Ubuthathaka buzibonakalise ekuphunyezweni kwe-memcpy() kunye ne-memmove() kulwimi lwendibano ye-ARMv7 kwaye yabangelwa kukuqhubekeka okungachanekanga kwamaxabiso angalunganga weparameter emisela ubungakanani bendawo ekhutshelweyo. Iingxaki ngophuhliso lweepatch zaqala xa iinkampani ΠΈ babhengeze ukuba iiplatifomu zabo azichatshazelwa yingxaki, ekubeni bengakhi kwiinkqubo ze-ARMv32 ze-7-bit, kwaye abazange bathathe inxaxheba ekudaleni ukulungiswa. Abaphuhlisi bezabelo ezininzi ezifakwe ngaphakathi babonakala bethembele kwiqela le-Glibc, kwaye abazange bathathe inxaxheba ekulungiseleleni ukulungiswa.
Ukhetho Ukuvala ingxaki, iHuawei iphantse yacebisa ukuba izamile ukutshintsha imiyalelo yendibano esebenza ngeeoperands ezisayiniweyo (bge kunye ne-blt) ngee-analogues ezingatyikitywanga (i-blo kunye ne-bhs). Abagcini be-Glibc baphuhlise iseti yovavanyo ukujonga iimeko ezahlukeneyo zeempazamo, emva koko kwavela ukuba i-patch yeHuawei yayingafanelekanga kwaye ayizange isebenze yonke indibaniselwano yedatha yokufaka.
Ekubeni i-Aurora OS inokwakhiwa kwe-32-bit ye-ARM, abaphuhlisi bayo bagqibe ekubeni bavale ubuthathaka ngokwabo kwaye banike isisombululo kuluntu. Ubunzima yayikukuba kwakuyimfuneko ukuba kubhalwe ukuphunyezwa kolwimi olufanelekileyo lomsebenzi kwaye kuthathelwe ingqalelo iinketho ezahlukeneyo zeengxoxo zongeniso. Ukuphunyezwa kubhalwe ngokutsha kusetyenziswa imiyalelo engasayinwanga. Kwabonakala kuncinci, kodwa ingxaki ephambili yayikukugcina isantya sokwenza kunye nokuphepha ukuthotywa kokusebenza kwememcpy kunye nemisebenzi ye-memmove, ngelixa igcina ukuhambelana nazo zonke iindibaniselwano zamaxabiso egalelo.
Ekuqaleni kukaJuni, iinguqulelo ezimbini zokulungiswa zalungiswa, zigqithisa isakhelo sokuvavanya sabagcini be-Glibc kunye ne-suite yovavanyo lwangaphakathi lwe-Aurora. Ngomhla we-3 kaJuni, enye yeendlela ezikhethiweyo zakhethwa kwaye kuluhlu lokuposa lwe-Glibc. Emva kweveki
bekunjalo esinye isiqwenga esifana nendlela, eyalungisa ingxaki ekuphunyezweni kwe-multiarch, leyo uHuawei wayezama ukuyilungisa ngaphambili. Uvavanyo lwathatha inyanga kwaye ngenxa yokubaluleka kwepetshi.
Izilungiso ze-8 kaJulayi kwisebe eliphambili lokukhutshwa kwe-glibc 2.32 ezayo. Umiliselo lubandakanya iindawo ezimbini - kuzalisekiso lwe-multiarch ye-memcpy ye-ARMv7, kunye kuphumezo lolwimi lwendibano jikelele ye memcpy() kunye ne memmove() ye ARM.
Ingxaki ichaphazela izigidi zezixhobo ze-ARMv7 eziqhuba i-Linux, kwaye ngaphandle kohlaziyo olufanelekileyo, abanini basemngciphekweni xa bewaxhuma kuthungelwano (iinkonzo zokufikelela kwinethiwekhi kunye nezicelo ezivuma igalelo ledatha ngaphandle kwezithintelo zobungakanani zinokuhlaselwa). Ngokomzekelo, i-exploit elungiselelwe ngabaphandi abachonga ubuthathaka bubonisa indlela yokuhlasela iseva ye-HTTP eyakhelwe kwinkqubo yolwazi lwemoto ngokuthumela isicelo esikhulu kakhulu se-GET kwaye ufumane ukufikelela kweengcambu kwinkqubo.
umthombo: opennet.ru