Several vulnerabilities have been identified in the Linux kernel that involve access to previously freed memory areas (use-after-free) and allow local users to escalate their privileges. Working exploit prototypes have been prepared for all of the issues under consideration and will be published a week after the vulnerability information is released. Patches fixing the problems have been sent to the Linux kernel developers.
- CVE-2022-2588 is a vulnerability in the implementation of the cls_route filter, caused by an error due to which, when a null handle was processed, the old filter was not removed from the hash table before its memory was freed. The vulnerability has been present since release 2.6.12-rc2. The attack requires CAP_NET_ADMIN rights, which can be obtained by having access to create network namespaces or user namespaces. As a security workaround, you can disable the cls_route module by adding the line 'install cls_route /bin/true' to modprobe.conf.
- CVE-2022-2586 is a vulnerability in the netfilter subsystem, in the nf_tables module that provides the nftables packet filter. The problem is caused by the fact that an nft object can reference a set list in another table, which leads to access to a freed memory area after that table is deleted. The vulnerability has been present since release 3.16-rc1. The attack requires CAP_NET_ADMIN rights, which can be obtained by having access to create network namespaces or user namespaces.
- CVE-2022-2585 is a vulnerability in the POSIX CPU timer, caused by the fact that when called from a non-leader thread, the timer structure remains in the list even though the memory allocated for its storage has been freed. The vulnerability has been present since release 3.16-rc1.
Source: opennet.ru
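An added example, not part of the source advisory: a POSIX shell check that the `install cls_route /bin/true` workaround for CVE-2022-2588 is present in the modprobe configuration and that the module was not already loaded before the line was added. The function names and the fixture files are constructed for illustration; accepting `/bin/false` as an equivalent target is an assumption beyond what the advisory states.

```shell
#!/bin/sh
# Added example (not from the advisory): is the cls_route workaround effective?

# 0 if a modprobe config line replaces loading cls_route with /bin/true
# (or /bin/false, an assumed equivalent). Commented-out lines do not count.
# Args: config files and/or modprobe.d-style directories (*.conf is read).
has_install_override() {
    for p in "$@"; do
        for f in "$p" "$p"/*.conf; do
            [ -f "$f" ] || continue
            grep -Eq '^[[:space:]]*install[[:space:]]+cls_route[[:space:]]+/bin/(true|false)[[:space:]]*$' "$f" && return 0
        done
    done
    return 1
}

# 0 if cls_route is already resident. Arg: file in /proc/modules format.
is_loaded() {
    grep -q '^cls_route ' "$1" 2>/dev/null
}

# Prints loaded | blocked | loadable. Args: modules file, then config paths.
# "loaded" wins: an install override stops future loads, it does not unload.
cls_route_status() {
    modules=$1; shift
    if is_loaded "$modules"; then echo loaded
    elif has_install_override "$@"; then echo blocked
    else echo loadable
    fi
}

# Constructed fixtures (not real host data) so the example runs offline.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/modprobe.d"
    printf 'nf_tables 1 0 - Live 0x0\n' > "$d/modules.clean"
    printf 'cls_route 1 0 - Live 0x0\n' > "$d/modules.loaded"
    printf '#install cls_route /bin/true\n' > "$d/modprobe.d/a.conf"
    cls_route_status "$d/modules.clean" "$d/modprobe.d"    # loadable
    printf 'install cls_route /bin/true\n' > "$d/modprobe.d/b.conf"
    cls_route_status "$d/modules.clean" "$d/modprobe.d"    # blocked
    cls_route_status "$d/modules.loaded" "$d/modprobe.d"   # loaded
    rm -rf "$d"
}
demo
```

On a real host, call `cls_route_status /proc/modules /etc/modprobe.conf /etc/modprobe.d`; a result of `loaded` means the module still has to be removed or the host rebooted for the workaround to take effect.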
