Vulnerability in FreeBSD ftpd that allowed root access when using ftpchroot

A critical vulnerability (CVE-2020-7468) has been identified in the ftpd server supplied with FreeBSD. It allows users who are restricted to their home directory by the ftpchroot option to gain full root access to the system.

The problem is caused by a combination of two things: a bug in the implementation of the user isolation mechanism based on the chroot call (if changing the uid or performing chroot and chdir fails, a non-fatal error is raised that does not terminate the session), and an authenticated FTP user having sufficient rights to bypass the root path restriction in the file system. The vulnerability does not occur when the FTP server is accessed in anonymous mode or when the user is fully logged in without ftpchroot. The problem is fixed in updates 12.1-RELEASE-p10, 11.4-RELEASE-p4 and 11.3-RELEASE-p14.
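The failure mode described above, as an added C example that is not FreeBSD's ftpd code: a confinement routine that only reports a failed chroot/chdir/setuid step, next to a fail-closed version. The `confine_ops` table, the function names and the stubs are hypothetical, constructed so the failure path can be exercised without root.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

enum { SESSION_ABORT = 0, SESSION_CONTINUE = 1 };

/* Hypothetical indirection: a real daemon would point these at chroot(2),
 * chdir(2) and setuid(2); stubs let the failure path run without root. */
struct confine_ops {
    int (*do_chroot)(const char *path);
    int (*do_chdir)(const char *path);
    int (*do_setuid)(uid_t uid);
};

/* Flawed pattern from the text: a failed step is reported, session goes on. */
int confine_lenient(const struct confine_ops *ops, const char *home, uid_t uid)
{
    int bad = ops->do_chroot(home) != 0;
    bad |= ops->do_chdir("/") != 0;
    bad |= ops->do_setuid(uid) != 0;
    if (bad)
        fprintf(stderr, "warning: confinement failed: %s\n", strerror(errno));
    return SESSION_CONTINUE; /* session survives even when unconfined */
}

static int step_failed(const char *step)
{
    fprintf(stderr, "fatal: %s failed: %s\n", step, strerror(errno));
    return SESSION_ABORT;
}

/* Fail-closed form: any failed step ends the session; the caller must exit. */
int confine_strict(const struct confine_ops *ops, const char *home, uid_t uid)
{
    if (ops->do_chroot(home) != 0) return step_failed("chroot");
    if (ops->do_chdir("/") != 0)   return step_failed("chdir");
    if (ops->do_setuid(uid) != 0)  return step_failed("setuid");
    return SESSION_CONTINUE;
}

/* Constructed stubs: simulate success and an ENOENT failure. */
static int ok_path(const char *p)   { (void)p; return 0; }
static int fail_path(const char *p) { (void)p; errno = ENOENT; return -1; }
static int ok_uid(uid_t u)          { (void)u; return 0; }

const struct confine_ops ops_all_ok      = { ok_path, ok_path, ok_uid };
const struct confine_ops ops_chroot_fail = { fail_path, ok_path, ok_uid };
const struct confine_ops ops_chdir_fail  = { ok_path, fail_path, ok_uid };
```

A caller that receives `SESSION_ABORT` should terminate the process immediately instead of returning to the command loop.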

Additionally, three more vulnerabilities were fixed in 12.1-RELEASE-p10, 11.4-RELEASE-p4 and 11.3-RELEASE-p14:

  • CVE-2020-7467 - a vulnerability in the Bhyve hypervisor that allows the guest environment to write information to the memory area of the host environment and gain full access to the host system. The problem is caused by missing access restrictions on processor instructions that work with physical host addresses, and it appears only on systems with AMD CPUs.
  • CVE-2020-24718 - a vulnerability in the Bhyve hypervisor that allows an attacker with root privileges inside an environment isolated with Bhyve to execute code at the kernel level. The problem is caused by the lack of proper access restrictions on the VMCS (Virtual Machine Control Structure) structures on systems with Intel CPUs and the VMCB (Virtual Machine Control Block) on systems with AMD CPUs.
  • CVE-2020-7464 - a vulnerability in the ure driver (USB Ethernet Realtek RTL8152 and RTL8153) that allows spoofing packets from other hosts or injecting packets into other VLANs by sending large frames (more than 2048).

Source: opennet.ru
