Ukuba sengozini (CVE-2022-0185) kukhonjwe ku-Filesystem Context API ehlinzekwa yi-Linux kernel, evumela umsebenzisi wendawo ukuthi athole amalungelo ezimpande ohlelweni. Umcwaningi ohlonze inkinga ushicilele ukuboniswa kokuxhashazwa okukuvumela ukuthi wenze ikhodi njengempande ku-Ubuntu 20.04 ekucushweni okuzenzakalelayo. Ikhodi yokuxhaphaza ihlelelwe ukuthunyelwa ku-GitHub lingakapheli iviki ngemva kokuba ukusatshalaliswa kukhiphe isibuyekezo esilungisa ukuba sengozini.
Ubungozi bukhona kumsebenzi we-legacy_parse_param() ku-VFS futhi kubangelwa ukwehluleka ukuhlola kahle umkhawulo kasayizi wamapharamitha anikezwe kumasistimu wefayela angasekeli i-Filesystem Context API. Ukwedlula ipharamitha enkulu kakhulu kungabangela ukuchichima kokuhlukahluka kwenombolo esetshenziselwa ukubala usayizi wedatha ezobhalwa - ikhodi inokuhlola ukuchichima kwebhafa "uma (len > PAGE_SIZE - 2 - size)", engakwenzi lokho. sebenza uma inani likasayizi likhulu kuno-4094. ngokuchichima kwenombolo ngenani eliphansi (ukugeleza okungaphansi okuphelele, lapho uphonsa 4096 - 2 - 4095 ku-int engabhalisiwe, umphumela uthi 2147483648).
Leli phutha livumela, lapho ufinyelela isithombe sesistimu yefayela esiklanywe ngokukhethekile, ukubangela ukuchichima kwe-buffer nokubhala phezu kwedatha ye-kernel kulandela indawo yememori eyabelwe. Ukuze usebenzise ubungozi, kufanele ube namalungelo e-CAP_SYS_ADMIN, i.e. amandla omlawuli. Inkinga ukuthi umsebenzisi ongenalo ilungelo angathola izimvume ezinjalo esitsheni esisodwa uma isistimu inosekelo lwezikhala zamagama zomsebenzisi ezinikwe amandla. Isibonelo, izikhala zamagama abasebenzisi zinikwe amandla ngokuzenzakalela ku-Ubuntu naku-Fedora, kodwa azivunyelwe ku-Debian ne-RHEL (ngaphandle kwalapho kusetshenziswa amapulatifomu okuhlukanisa iziqukathi).
Inkinga ibilokhu ivela kusukela ku-Linux kernel 5.1 futhi yalungiswa kuzibuyekezo zayizolo 5.16.2, 5.15.16, 5.10.93, 5.4.173. Izibuyekezo zephakheji ezilungisa ukuba sengozini sezivele zikhishelwe i-RHEL, i-Debian, i-Fedora, ne-Ubuntu. Ukulungiswa akukakatholakali ku-Arch Linux, Gentoo, SUSE kanye ne-openSUSE. Njengendlela yokuphepha yamasistimu angasebenzisi ukuhlukaniswa kweziqukathi, ungasetha inani le-sysctl "user.max_user_namespaces" libe ngu-0: echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf # sysctl -p /etc/sysctl.d/userns.conf
Source: opennet.ru