Ukuba sengozini (CVE-2021-27365) kukhonjwe kukhodi yesistimu engaphansi ye-iSCSI ye-Linux kernel, evumela umsebenzisi wasendaweni ongenalo ilungelo ukuthi akhiphe ikhodi ezingeni le-kernel futhi athole amalungelo ezimpande ohlelweni. I-prototype esebenzayo yokuxhashazwa iyatholakala ukuze ihlolwe. Ukuba sengozini kuye kwasingathwa kuzibuyekezo ze-Linux kernel 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, kanye ne-4.4.260. Ukubuyekezwa kwephakheji le-Kernel kuyatholakala ku-Debian, Ubuntu, SUSE/openSUSE, Arch Linux kanye nokusabalalisa kwe-Fedora. Azikho izilungiso ezikhishiwe ze-RHEL okwamanje.
Inkinga ibangelwa iphutha kumsebenzi we-iscsi_host_get_param() kusuka kumojula ye-libiscsi, eyethulwe emuva ngo-2006 ngesikhathi kuthuthukiswa uhlelo olungaphansi lwe-iSCSI. Ngenxa yokuntuleka kokuhlolwa kosayizi okufanele, ezinye izibaluli zeyunithi yezinhlamvu ze-iSCSI, njengegama lomethuleli noma igama lomsebenzisi, zingase zeqe inani elingu-PAGE_SIZE (4 KB). Ukuba sengozini kungase kusetshenziswe umsebenzisi ongenalungelo lokuthumela imilayezo ye-Netlink ebeka izibaluli ze-iSCSI zibe amanani amakhulu kuno-PAGE_SIZE. Uma lezi zibaluli zifundwa ngama-sysfs noma ama-seqfs, ikhodi ibizwa ngokuthi edlulisa izibaluli kumsebenzi we-sprintf ukuze ikopishelwe kubhafa usayizi wayo ongu-PAGE_SIZE.
Ukuxhashazwa kokuba sengozini ekusabalaliseni kuncike ekusekelweni kokulayisha okuzenzakalelayo kwemojuli yekernel ye-scsi_transport_iscsi lapho uzama ukudala isokhethi ye-NETLINK_ISCSI. Ekusabalaliseni lapho le mojula ilayishwa ngokuzenzakalelayo, ukuhlasela kungenziwa kungakhathaliseki ukusetshenziswa komsebenzi we-iSCSI. Ngesikhathi esifanayo, ukuze usebenzise ngempumelelo ukuxhashazwa, ukubhaliswa okungenani kokuhamba kwe-iSCSI eyodwa kuyadingeka ngaphezu kwalokho. Ngokulandelayo, ukubhalisa ezokuthutha, ungasebenzisa i-ib_iser kernel module, elayishwa ngokuzenzakalelayo lapho umsebenzisi ongenamalungelo ezama ukwakha isokhethi ye-NETLINK_RDMA.
Ukulayishwa okuzenzakalelayo kwamamojula adingekayo ekusetshenzisweni kokuxhaphaza kusekelwa ku-CentOS 8, RHEL 8 naku-Fedora lapho kufakwa iphakheji ye-rdma-core ohlelweni, okuncike kwamanye amaphakheji adumile futhi afakwe ngokuzenzakalelayo ekucushweni kwezindawo zokusebenza, amasistimu weseva ane I-GUI kanye ne-host host virtualization. Nokho, i-rdma-core ayifakiwe uma usebenzisa ukuhlanganisa kweseva esebenza kuphela kumodi yekhonsoli nalapho ufaka isithombe esincane sokufaka. Isibonelo, iphakheji ifakiwe ekusabalaliseni okuyisisekelo kwe-Fedora 31 Workstation, kodwa ayifakiwe kuseva ye-Fedora 31. I-Debian ne-Ubuntu azingeneki kalula enkingeni ngoba iphakethe le-rdma-core lilayisha amamojula e-kernel adingekayo ekuhlaselweni kuphela uma i-RDMA hardware ikhona.
Njengomsebenzi wokuvikeleka, ungakhubaza ukulayishwa okuzenzakalelayo kwemojula ye-libiscsi: echo βfaka i-libiscsi /bin/trueβ >> /etc/modprobe.d/disable-libiscsi.conf
Ukwengeza, ubungozi obubili obuncane obungaholela ekuvuzeni kwedatha ku-kernel bulungisiwe kusistimu engaphansi ye-iSCSI: CVE-2021-27363 (iSCSI transport descriptor information leakage via sysfs) kanye ne-CVE-2021-27364 (out-of-bounds buffer funda). Lobu bungozi bungasetshenziswa ukuxhumana ngesokhethi ye-netlink ne-subsystem ye-iSCSI ngaphandle kwamalungelo adingekayo. Isibonelo, umsebenzisi ongenalo ilungelo angaxhuma ku-iSCSI futhi akhiphe umyalo "wokuqeda iseshini" ukuze anqamule iseshini.
Source: opennet.ru