Kuphawulwe ubungozi obuningi ku-Linux kernel, okubangelwa ukufinyelela ezindaweni zememori esezivele zikhululiwe kanye nokuvumela umsebenzisi wendawo ukuthi andise amalungelo akhe ohlelweni. Kuzo zonke izinkinga ezicatshangelwayo, ama-prototypes asebenzayo wokuxhashazwa adaliwe, azoshicilelwa ngesonto ngemuva kokushicilelwa kolwazi mayelana nobuthakathaka. Iziqephu zokulungisa izinkinga zithunyelwe kubathuthukisi be-Linux kernel.
- I-CVE-2022-2588 iwubungozi ekusetshenzisweni kwesihlungi se-cls_route okubangelwa iphutha ngenxa yokuthi, lapho kucutshungulwa isibambo esingenalutho, isihlungi esidala asizange sikhishwe kuthebula le-hashi ngaphambi kokuthi inkumbulo isulwe. Ubungozi bukhona kusukela ekukhululweni kwe-2.6.12-rc2. Ukuhlasela kudinga amalungelo e-CAP_NET_ADMIN, angatholwa ngokufinyelela ukudala izikhala zamagama zenethiwekhi noma izikhala zamagama zabasebenzisi. Njengendlela yokuphepha, ungakhubaza imojula ye-cls_route ngokwengeza umugqa othi 'faka i-cls_route /bin/true' ku-modprobe.conf.
- I-CVE-2022-2586 iwubungozi ku-netfilter subsystem kumojuli ye-nf_tables, ehlinzeka ngesihlungi sephakethe le-nftables. Inkinga ibangelwa ukuthi into ye-nft ingabhekisela kuhlu olumisiwe kwelinye ithebula, okuholela ekufinyeleleni endaweni yememori ekhululiwe ngemva kokususwa kwetafula. Ubungozi bukhona kusukela ekukhululweni kwe-3.16-rc1. Ukuhlasela kudinga amalungelo e-CAP_NET_ADMIN, angatholwa ngokufinyelela ukudala izikhala zamagama zenethiwekhi noma izikhala zamagama zabasebenzisi.
- I-CVE-2022-2585 iwubungozi kusibali sikhathi se-POSIX CPU okubangelwa ukuthi uma kubizwa ngentambo engaholi, ukwakheka kwesibali sikhathi kuhlala kuhlu, naphezu kokusula inkumbulo eyabelwe ukugcinwa. Ubungozi bukhona kusukela ekukhululweni kwe-3.16-rc1.
Source: opennet.ru