Ukuba sengozini (CVE-2021-33035) kukhonjwe ku-Apache OpenOffice office suite evumela ukusetshenziswa kwekhodi lapho kuvulwa ifayela eliklanywe ngokukhethekile ngefomethi ye-DBF. Umcwaningi othole inkinga uxwayise mayelana nokudala ukuxhashazwa okusebenzayo kweplathifomu yeWindows. Ukulungiswa kokuba sengozini okwamanje kutholakala kuphela ngendlela yesiqeshana sekhosombe lephrojekthi, esifakwe ekuhlolweni kwezakhiwo ze-OpenOffice 4.1.11. Azikho izibuyekezo zegatsha ezinzile okwamanje.
Inkinga ibangelwa i-OpenOffice ukuthembela endaweni Ubude kanye namanani enkambuThayipha kunhlokweni yamafayela e-DBF ukuze kwabiwe inkumbulo, ngaphandle kokuhlola ukuthi uhlobo lwangempela lwedatha ezinkambuni luyafana. Ukuze wenze ukuhlasela, ungacacisa uhlobo lwe-INTEGER ku-fieldType value, kodwa ubeke idatha enkudlwana futhi ucacise inani lenkundlaUbude obungahambelani nosayizi wedatha enohlobo lwe-INTEGER, okuzoholela emsileni wedatha. kusuka endaweni ebhalwa ngale kwebhafa eyabelwe. Njengomphumela wokuchichima kwebhafa elawulwayo, umcwaningi ukwazile ukuchaza kabusha i-pointer yokubuyisela kusukela emsebenzini futhi, esebenzisa amasu okuhlela agxile ekubuyiseleni (ROP - Return-Oriented Programming), ukufeza ukwenziwa kwekhodi yakhe.
Uma usebenzisa indlela ye-ROP, umhlaseli akazami ukubeka ikhodi yakhe enkumbulweni, kodwa usebenza ngezingcezu zemiyalelo yomshini kakade etholakala emitapo yolwazi elayishiwe, ephetha ngomyalelo wokubuyisela ukulawula (njengomthetho, lezi iziphetho zemisebenzi yelabhulali) . Umsebenzi wokuxhaphaza wehlela ekwakheni uchungechunge lwezingcingo kumabhulokhi afanayo (βamagajethiβ) ukuze kutholwe ukusebenza okufunayo. Amagajethi asetshenziswe ekuxhasweni kwe-OpenOffice kwakuyikhodi evela kumtapo wezincwadi we-libxml2 osetshenziswa ku-OpenOffice, leyo, ngokungafani ne-OpenOffice ngokwayo, yahlanganiswa ngaphandle kwezindlela zokuvikela ze-DEP (Data Execution Prevention) kanye ne-ASLR (Address Space Layout Randomization).
Onjiniyela be-OpenOffice baziswe ngodaba ngomhla ka-4 Meyi, okwathi ngemva kwalokho ukudalulwa kobungozi komphakathi kwahlelelwa umhlaka-30 Agasti. Njengoba ukubuyekezwa kwegatsha elizinzile kungaqedwanga ngedethi ehleliwe, umcwaningi ukuhlehlisele ukudalulwa kwemininingwane ku-September 18, kodwa abathuthukisi be-OpenOffice abazange bakwazile ukudala ukukhishwa okungu-4.1.11 ngalolu suku. Kuyaphawuleka ukuthi phakathi nocwaningo olufanayo, ukuba sengozini okufanayo kukhonjwe kukhodi yosekelo yefomethi ye-DBF ku-Microsoft Office Access (CVE-2021β38646), imininingwane yakho ezodalulwa kamuva. Azikho izinkinga ezitholakele ku-LibreOffice.
Source: opennet.ru