Ku-FreeBSD
Ubungozi obuyingozi kakhulu (
natd (uma usebenzisa isikhala somsebenzisi ukuqaliswa kwe-NAT). Inkinga ayithinti ukulungiselelwa kwe-NAT okwakhiwe kusetshenziswa izihlungi zephakethe le-pf ne-ipf, noma ukulungiselelwa kwe-ipfw okungasebenzisi i-NAT.
Okunye ubungozi:
-
I-CVE-2020-7455 - okunye ubungozi obusebenzisekayo ukude ku-libalias obuhlobene nokubalwa okungalungile kobude bephakethe kusibambi se-FTP. Inkinga ikhawulelwe ekuvuzeni okuqukethwe kwamabhayithi ambalwa edatha kusuka endaweni yenkumbulo ye-kernel noma inqubo ye-natd. -
I-CVE-2019-15879 - ukuba sengozini kumojula ye-cryptodev okubangelwa ukufinyelela endaweni yenkumbulo evele ikhululiwe (ukusetshenziswa ngemva kwamahhala), kanye nokuvumela inqubo engalungile ukuthi ibhale phezu kwezindawo ezingahleliwe zememori ye-kernel. Njengendlela yokusebenza yokuvimbela ubungozi, kunconywa ukuthi ukhiphe imojuli ye-cryptodev ngomyalo we-"kldunload cryptodev" uma ilayishiwe (i-cryptdev ayilayishwa ngokuzenzakalelayo). Imojula ye-cryptodev inikeza izinhlelo zokusebenza zesikhala somsebenzisi ngokufinyelela ku-interface /dev/crypto ukuze zifinyelele ukusebenza kwe-cryptographic okusheshiswe ngehadiwe (/dev/crypto ayisetshenziswa ku-AES-NI naku-OpenSSL). -
I-CVE-2019-15880 - ubungozi besibili ku-cryptodev, okuvumela umsebenzisi ongenalungelo ukuthi aqalise ukuphahlazeka kwe-kernel ngokuthumela isicelo sokwenza umsebenzi we-cryptographic nge-MAC engalungile. Inkinga ibangelwa ukushoda kokuhlola usayizi wokhiye we-MAC lapho kwabiwa isigcinalwazi ukuze siwugcine (isigcinalwazi sidalwe ngokusekelwe kudatha kasayizi onikezwe umsebenzisi, ngaphandle kokuhlola usayizi wangempela). -
I-CVE-2019-15878 - ukuba sengozini ekusetshenzisweni kwephrothokholi ye-SCTP (Stream Control Transmission Protocol) okubangelwa ukuqinisekiswa okungalungile kokhiye owabiwe osetshenziswa isandiso se-SCTP-AUTH ukuze kuqinisekiswe ukulandelana kwe-SCTP. Uhlelo lokusebenza lwasendaweni lungabuyekeza ukhiye nge-Socket API ngenkathi ngesikhathi esifanayo lunqamula uxhumano lwe-SCTP, okuzoholela ekufinyeleleni endaweni yememori esivele ikhululiwe (ukusebenzisa ngemva kokukhululwa).
Source: opennet.ru