Abacwaningi abavela ethimbeni le-Google Project Zero bashicilele indlela yokusebenzisa ubungozi (CVE-2020-29661) ekusetshenzisweni kwesibambi se-TIOCSPGRP ioctl kusuka ku-tty subsystem ye-Linux kernel, futhi bahlola ngokuningiliziwe izindlela zokuvikela ezingavimba lokho. ubuthakathaka.
Isiphazamisi esidala inkinga salungiswa ku-Linux kernel ngoDisemba 3 ngonyaka odlule. Inkinga ivela kuma-kernel kuze kufike kunguqulo engu-5.9.13, kodwa ukusabalalisa okuningi kulungise inkinga ekubuyekezweni kwamaphakheji e-kernel anikezwe ngonyaka odlule (Debian, RHEL, SUSE, Ubuntu, Fedora, Arch). Ukuba sengozini okufanayo (CVE-2020-29660) kwatholakala ngesikhathi esisodwa ekusetshenzisweni kwekholi ye-TIOCGSID ioctl, kodwa futhi sekuvele kulungisiwe yonke indawo.
Inkinga ibangelwa iphutha lapho kusetha izingidi, okuholela esimweni somjaho kukhodi ye-drivers/tty/tty_jobctrl.c, esetshenziswe ukudala izimo zokusebenzisa ngemva kokukhululeka ezixhashazwe endaweni yomsebenzisi ngokukhohlisa kwe-ioct. ngokushayela i-TIOCSPGRP. Ukuxhashazwa okusebenzayo kukhonjisiwe ngokukhuphuka kwelungelo ku-Debian 10 nge-kernel 4.19.0-13-amd64.
Ngasikhathi sinye, i-athikili eshicilelwe ayigxili kakhulu kumasu okudala ukuxhashazwa okusebenzayo, kodwa kunalokho ukuthi imaphi amathuluzi akhona ku-kernel ukuvikela ebuthakathakeni obunjalo. Isiphetho asiduduzi; izindlela ezinjengokuhlukaniswa kwenkumbulo enqwabeni nokulawula ukufinyelela kwenkumbulo ngemva kokuba ikhululiwe azisetshenziswa ekusebenzeni, njengoba ziholela ekwehleni kokusebenza, kanye nokuvikelwa okusekelwe ku-CFI (Control Flow Integrity), okuwumphumela. amabhulokhi ukuxhaphaza ezigabeni zakamuva zokuhlasela, idinga ukuthuthukiswa.
Uma kucutshungulwa ukuthi yini engenza umehluko esikhathini eside, okugqamayo ukusetshenziswa kwezihlaziyi ezimile ezithuthukisiwe noma ukusetshenziswa kwezilimi ezivikela inkumbulo njengezilimi zesigodi zeRust neziC ezinezichasiselo ezinothile (ezifana njengokuthi Hlola C) ukuze uhlole. chaza ngesikhathi sesigaba sokwakha Izingidi, izinto kanye nezinkomba. Izindlela zokuvikela futhi zihlanganisa ukusebenzisa imodi ye-panic_on_oops, ukushintsha izakhiwo ze-kernel zibe imodi yokufunda kuphela, kanye nokukhawulela ukufinyelela kumakholi wesistimu kusetshenziswa izindlela ezifana ne-seccomp.
Source: opennet.ru