In drivers for Broadcom wireless chips
The problems were identified by reverse engineering Broadcom firmware. The affected chips are widely used in laptops, smartphones and a variety of consumer devices, from SmartTVs to Internet of Things devices. In particular, Broadcom chips are used in smartphones from manufacturers such as Apple, Samsung and Huawei. Notably, Broadcom was notified of the vulnerabilities back in September 2018, but it took about 7 months to release fixes in coordination with equipment manufacturers.
Two vulnerabilities affect the internal firmware and could allow code to be executed in the environment of the operating system used on Broadcom chips, which makes it possible to attack environments that do not use Linux (for example, the possibility of attacking Apple devices has been confirmed).
The driver vulnerabilities occur in both the proprietary wl driver (SoftMAC and FullMAC) and the open-source brcmfmac driver (FullMAC). Buffer overflows were found in the wl driver; they are exploitable when an access point sends specially crafted EAPOL messages during connection negotiation (the attack can be carried out when connecting to a malicious access point). On a chip with SoftMAC, the vulnerabilities lead to compromise of the system kernel, and in the FullMAC case, code can be executed on the firmware side. brcmfmac contains a buffer overflow and a frame validation error that are exploited by sending control frames. Problems with the brcmfmac driver in the Linux kernel
Identified vulnerabilities:
- CVE-2019-9503 - incorrect behavior of the brcmfmac driver when processing control frames used to communicate with the firmware. If a frame carrying a firmware event comes from an external source, the driver discards it, but if the event is received over the internal bus, the frame is let through. The problem is that events from devices that use USB are delivered over the internal bus, which allows attackers to successfully deliver firmware control frames when wireless adapters with a USB interface are in use;
- CVE-2019-9500 - if the "Wake-up on Wireless LAN" feature is enabled, a heap overflow can be triggered in the brcmfmac driver (function brcmf_wowl_nd_results) by sending a specially crafted control frame. This vulnerability can be used to achieve code execution on the main system after the chip has been compromised, or in combination with CVE-2019-9503 to bypass the checks when a control frame is sent remotely;
- CVE-2019-9501 - buffer overflow in the wl driver (function wlc_wpa_sup_eapol) that occurs when processing messages in which the content of the vendor information field exceeds 32 bytes;
- CVE-2019-9502 - buffer overflow in the wl driver (function wlc_wpa_plumb_gtk) that occurs when processing messages in which the content of the vendor information field exceeds 164 bytes.
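The length check that the CVE-2019-9501 and CVE-2019-9502 descriptions imply was missing can be shown with a small parser. This is an added example, not code from the wl driver (which is proprietary) or from the original article. It assumes the vendor information field arrives as a standard 802.11 ID/length/value element with ID 0xDD; the function names and sample bytes are hypothetical and constructed, and only the 32-byte limit comes from the text above.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IE_VENDOR_SPECIFIC 0xDD /* 802.11 vendor-specific element ID */
#define VENDOR_BUF_LEN     32   /* destination size from the CVE-2019-9501 text */

enum { IE_OK = 0, IE_NOT_FOUND = -1, IE_TRUNCATED = -2, IE_TOO_LONG = -3 };

/* Hypothetical helper: walk ID/length/value elements in `data` and copy the
 * first vendor-specific payload into `out`. Returns IE_OK or an error code. */
int copy_vendor_ie(const uint8_t *data, size_t len,
                   uint8_t *out, size_t out_cap, size_t *out_len)
{
    size_t off = 0;
    while (len - off >= 2) {            /* room for the ID and length bytes */
        uint8_t id = data[off];
        size_t ie_len = data[off + 1];
        if (ie_len > len - off - 2)     /* length field runs past the message */
            return IE_TRUNCATED;
        if (id == IE_VENDOR_SPECIFIC) {
            if (ie_len > out_cap)       /* sender-controlled length vs. buffer */
                return IE_TOO_LONG;
            memcpy(out, data + off + 2, ie_len);
            *out_len = ie_len;
            return IE_OK;
        }
        off += 2 + ie_len;              /* skip to the next element */
    }
    return IE_NOT_FOUND;
}

/* Constructed sample inputs (not captured traffic). */
const uint8_t sample_ok[]    = { 0x30, 2, 0x01, 0x00, 0xDD, 4, 0x00, 0x11, 0x22, 0x01 };
const uint8_t sample_long[2 + 40] = { 0xDD, 40 };  /* 40-byte payload, zero-filled */
const uint8_t sample_trunc[] = { 0xDD, 16, 0xAA }; /* claims 16 bytes, carries 1 */

/* Parse into a fixed 32-byte destination and return the status code. */
int parse_into_fixed_buf(const uint8_t *data, size_t len)
{
    uint8_t buf[VENDOR_BUF_LEN];
    size_t n = 0;
    return copy_vendor_ie(data, len, buf, sizeof buf, &n);
}

int main(void)
{
    return parse_into_fixed_buf(sample_long, sizeof sample_long) == IE_TOO_LONG ? 0 : 1;
}
```

The same two checks apply to the 164-byte case by passing a different `out_cap`.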
Source: opennet.ru