Kuphawulwe ubungozi obubili ku-Linux kernel (CVE-2023-1281, CVE-2023-1829) okuvumela umsebenzisi wendawo ukuthi aphakamise amalungelo akhe ohlelweni. Ukuze wenze ukuhlasela, izimvume zokudala nokuguqula izigaba zethrafikhi ziyadingeka, ezitholakala ngamalungelo e-CAP_NET_ADMIN, angatholwa ngekhono lokudala izikhala zamagama abasebenzisi. Izinkinga zivele kusukela ku-kernel 4.14 futhi zalungiswa egatsheni le-6.2.
Ubungozi bubangelwa ukufinyelela kwenkumbulo ngemva kokukhululwa (ukusetshenziswa ngemva kokukhululwa) kukhodi ye-tcindex ye-tcindex, eyingxenye yesistimu engaphansi ye-QoS (Ikhwalithi yesevisi) ye-Linux kernel. Ukuba sengozini kokuqala kwenzeka ngenxa yesimo somjaho lapho kubuyekezwa izihlungi ze-hashi ezinganele, futhi ubungozi besibili kwenzeka lapho kususwa isihlungi se-hashi esilungile. Ungakwazi ukulandelela ukulungiswa kokusatshalaliswa emakhasini alandelayo: I-Debian, Ubuntu, Gentoo, RHEL, SUSE, Fedora, Gentoo, Arch. Ukuze uvimbele ukuxhashazwa kokuba sengozini usebenzisa i-workaround, ungakhubaza ikhono lokudala izikhala zamagama ngabasebenzisi abangenamalungelo (βsudo sysctl -w kernel.unprivileged_userns_clone=0β).
Source: opennet.ru