Ubungozi (CVE-2023-1017, CVE-2023-1018) bukhonjwe kukhodi yokusetshenziswa kwesethenjwa ye-TPM 2.0 (Trusted Platform Module). Lobu bungozi buvumela ukufunda noma ukubhala kwedatha engaphandle kwemingcele. Ukuhlaselwa kokusetshenziswa kwe-cryptoprocessor kusetshenziswa ikhodi esengozini kungase kuholele ekukhishweni noma ekubhalweni phezu kolwazi oluku-chip, olufana nokhiye be-cryptographic. Amandla okubhala phezu kwedatha ku-firmware ye-TPM angase asetshenziswe umhlaseli ukuze asebenzise ikhodi yakhe ngaphakathi komongo we-TPM. Lokhu, ngokwesibonelo, kungase kusetshenziselwe ukusebenzisa i-backdoors esebenza ku-TPM futhi engabonakali isistimu yokusebenza.
Ubungozi bubangelwa ukuhlola okungalungile kosayizi wepharamitha yomsebenzi we-CryptParameterDecryption(), okuvumela amabhayithi amabili ukuthi abhalwe noma afundwe ngale kokuphela kwebhafa edluliselwe kumsebenzi we-ExecuteCommand(), oqukethe umyalo we-TPM2.0. Kuye ngokusetshenziswa kwe-firmware, lawa mabhayithi amabili abhalwe ngaphezulu angonakalisa inkumbulo engasetshenziswanga, idatha, noma izikhombi zesitaki.
Ukuba sengozini kuxhashazwa ngokuthumela imiyalo eklanywe ngokukhethekile kumojuli ye-TPM (umhlaseli kufanele abe nokufinyelela kusixhumi esibonakalayo se-TPM). Izinkinga zasingathwa kusibuyekezo sokucaciswa kwe-TPM 2.0 esikhishwe ngoJanuwari (1.59 Errata 1.4, 1.38 Errata 1.13, 1.16 Errata 1.6).
Umtapo wezincwadi we-libtpms womthombo ovulekile, osetshenziselwa ukulingisa isofthiwe yamamojula we-TPM nokuhlanganisa ukusekelwa kwe-TPM kuma-hypervisors, nawo usengcupheni. Ukuba sengozini kulungiswe ku-libtpms 0.9.6.
Source: opennet.ru
