Enhliziyweni Linux Kutholakale ubuthakathaka obubili (i-CVE-2023-1281 kanye ne-CVE-2023-1829) obungavumela umsebenzisi wendawo ukuthi andise amalungelo akhe. Lokhu kuhlasela kudinga ikhono lokudala nokuguqula izihlukanisi zethrafikhi, ezitholakala ngelungelo le-CAP_NET_ADMIN, elingatholakala ngokudala izikhala zamagama zomsebenzisi. Lezi zinkinga bezikhona kusukela ku-kernel 4.14 futhi zalungiswa ku-kernel 6.2.
Ubuthakathaka bubangelwa ubuthakathaka bokusebenzisa ngemuva kokukhululeka kukhodi ye-tcindex traffic classifier, eyingxenye yesistimu encane ye-kernel's Quality of Service (QoS). LinuxUbuthakathaka bokuqala buvela ngenxa yesimo somjaho lapho kubuyekezwa izihlungi ze-hash ezingaphelele, kanti ubuthakathaka besibili buvela lapho kususwa isihlungi se-hash esingcono kakhulu. Ungalandelela i-patch ekusakazweni emakhasini alandelayo: Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Gentoo, Arch. Ukuze uvimbele ukuxhashazwa kobuthakathaka, ungakhubaza ikhono lokudala izikhala zamagama zabasebenzisi abangenamalungelo ("sudo sysctl -w kernel.unprivileged_userns_clone=0").
Source: opennet.ru
