Exploitable vulnerabilities identified in nf_tables, watch_queue and IPsec in the Linux kernel

Several dangerous vulnerabilities have been identified in the Linux kernel that allow a local user to elevate their privileges on the system. Working exploit prototypes have been prepared for all of the issues discussed.

  • A vulnerability (CVE-2022-0995) in the watch_queue event-tracking subsystem allows data to be written outside the bounds of a buffer in kernel memory. The attack can be carried out by any unprivileged user and results in their code running with kernel privileges. The vulnerability is in the watch_queue_set_size() function and is associated with an attempt to clear all pointers in a list, even if memory has not been allocated for them. The problem occurs when the kernel is built with the "CONFIG_WATCH_QUEUE=y" option, which is used in most Linux distributions.

    The vulnerability was addressed in a kernel change added on March 11. You can follow the publication of package updates in distributions on these pages: Debian, SUSE, Ubuntu, RHEL, Fedora, Gentoo, Arch Linux. The exploit prototype is already publicly available and allows gaining root access when run on Ubuntu 21.10 with kernel 5.13.0-37.

  • A vulnerability (CVE-2022-27666) in the esp4 and esp6 kernel modules, which implement the ESP (Encapsulating Security Payload) transformations for IPsec used with IPv4 and IPv6. The vulnerability allows a local user with normal privileges to overwrite objects in kernel memory and elevate their privileges on the system. The problem is caused by a mismatch between the allocated memory size and the data actually received, given that the maximum message size could exceed the maximum memory size allocated for the skb_page_frag_refill structure.

    The vulnerability was fixed in the kernel on March 7 (fixed in 5.17, 5.16.15, etc.). You can follow the publication of package updates in distributions on these pages: Debian, SUSE, Ubuntu, RHEL, Fedora, Gentoo, Arch Linux. A working exploit prototype, which allows an ordinary user to gain root access on Ubuntu Desktop 21.10 in the default configuration, has already been posted on GitHub. It is claimed that with minor changes the exploit will also work on Fedora and Debian. It is noteworthy that the exploit was originally prepared for the pwn2own 2022 competition, but the kernel developers identified and fixed the bug associated with it, so it was decided to disclose the details of the vulnerability.

  • Two vulnerabilities (CVE-2022-1015, CVE-2022-1016) in the netfilter subsystem in the nf_tables module, which provides the operation of the nftables packet filter. The first issue allows a local unprivileged user to achieve an out-of-bounds write to a buffer allocated on the stack. The overflow occurs when processing nftables expressions formatted in a certain way, and happens during the validation phase of indexes specified by a user who has access to nftables rules.

    The vulnerability is caused by the fact that the developers assumed that the value of "enum nft_registers reg" was a single byte, whereas when certain optimizations are enabled, the compiler, in accordance with the C89 specification, may use a 32-bit value for it. Because of this, the size used when checking and allocating memory does not match the actual size of the data in the structure, which leads to the tail of the structure overlapping with pointers on the stack.

    The problem can be exploited to execute code at the kernel level, but a successful attack requires access to nftables, which can be obtained in a separate network namespace with CLONE_NEWUSER or CLONE_NEWNET rights (for example, if you can run an isolated container). The vulnerability is also closely tied to the optimizations used by the compiler, which, for example, are enabled when building in "CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y" mode. Exploitation of the vulnerability is possible starting with Linux kernel 5.12.

    The second vulnerability in netfilter is caused by access to an already freed memory area (use-after-free) in the nft_do_chain handler and can lead to a leak of uninitialized areas of kernel memory, which can be read through manipulation of nftables expressions and used, for example, to determine pointer addresses while developing exploits for other vulnerabilities. Exploitation of the vulnerability is possible starting with Linux kernel 5.13.

    The vulnerabilities are addressed in today's kernel patch releases 5.17.1, 5.16.18, 5.15.32, 5.10.109, 5.4.188, 4.19.237, 4.14.274, and 4.9.309. You can follow the publication of package updates in distributions on these pages: Debian, SUSE, Ubuntu, RHEL, Fedora, Gentoo, Arch Linux. The researcher who identified the problems has announced the preparation of working exploits for both vulnerabilities, which are planned to be published in a few days, after distributions release updates to their kernel packages.
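
As a triage aid for the nf_tables fix releases listed above, the following shell function is an added example, not code from the original article or the kernel project: it maps a kernel release string to the first fixed patch level of its stable branch. The name `nft_fix_status` and its status words are hypothetical, and distribution kernels that backport fixes without changing the upstream version must be checked against the vendor's tracker instead.

```shell
#!/bin/sh
# Added example, not from the article: compare a kernel release string with the
# nf_tables fix releases the article lists (CVE-2022-1015 / CVE-2022-1016).
# Distribution kernels often backport fixes without changing the upstream
# version, so "unfixed" here means "check the vendor advisory", not proof.

# branch:first-fixed-patchlevel pairs, taken from the article's release list
FIXED="5.17:1 5.16:18 5.15:32 5.10:109 5.4:188 4.19:237 4.14:274 4.9:309"

# nft_fix_status RELEASE  (hypothetical helper name)
# prints: fixed | unfixed | no-fix-listed | unparsed
nft_fix_status() {
    # Keep the leading "digits and dots" part: 5.15.0-37-generic -> 5.15.0
    rel=${1%%[!0-9.]*}
    case $rel in
        *..*|.*) echo unparsed; return 0 ;;   # empty version component
        [0-9]*.[0-9]*) ;;                     # at least major.minor
        *) echo unparsed; return 0 ;;
    esac
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%.*} ;;
        *)   patch= ;;
    esac
    patch=${patch:-0}          # "5.17" is treated as 5.17.0

    # Branches newer than 5.17 were cut after the fixes landed in mainline
    if [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -gt 17 ]; }; then
        echo fixed; return 0
    fi
    for entry in $FIXED; do
        if [ "${entry%%:*}" = "$major.$minor" ]; then
            if [ "$patch" -ge "${entry##*:}" ]; then echo fixed; else echo unfixed; fi
            return 0
        fi
    done
    # Stable series with no fixed release in the article's list (e.g. 5.13)
    echo no-fix-listed
}

# Usage: nft_fix_status "$(uname -r)"
```

A `no-fix-listed` result means the running series has no fixed release among those the article names, so the fix can only arrive through a vendor backport or a move to a listed branch.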

Source: opennet.ru
