Vulnerabilities found in Dnsmasq allowed spoofing of content in the DNS cache

Information was recently disclosed about 7 vulnerabilities identified in the Dnsmasq package, which combines a DNS resolver and a DHCP server. The vulnerabilities were given the codename DNSpooq. The issues allow DNS cache poisoning or buffer overflows that can lead to execution of an attacker's code.

Although Dnsmasq is no longer used by default as the resolver in regular Linux distributions, it is still used in Android and in specialized distributions such as OpenWrt and DD-WRT, as well as in wireless router firmware from many manufacturers. In regular distributions dnsmasq may still be used implicitly: for example, when libvirt is in use it can be started to provide DNS service to virtual machines, or it can be enabled by changing settings in NetworkManager.

Because the update culture for routers leaves much to be desired, the researchers fear that the identified problems may remain unfixed for a long time and will be used in automated attacks on routers to gain control over them or to redirect users to malicious sites.

About 40 companies build on Dnsmasq, including Cisco, Comcast, Netgear, Ubiquiti, Siemens, Arista, Technicolor, Aruba, Wind River, Asus, AT&T, D-Link, Huawei, Juniper, Motorola, Synology, Xiaomi, ZTE, and Zyxel. Users of such devices can be warned not to use the DNS query forwarding service the devices provide.

The first group of vulnerabilities identified in Dnsmasq concerns the protection against DNS cache poisoning attacks based on the method proposed by Dan Kaminsky in 2008.

The identified issues make the existing protection ineffective and allow the IP address of an arbitrary domain to be spoofed in the cache. Kaminsky's method exploits the negligible size of the DNS query ID field, which is only 16 bits.

To find the correct identifier needed to spoof a hostname, it is enough to send about 7,000 requests and simulate about 140,000 bogus responses. The attack comes down to sending a large number of IP-spoofed packets to the DNS resolver with different DNS transaction identifiers.

The identified vulnerabilities reduce the expected 32-bit level of entropy to the need to guess 19 bits, which makes a cache poisoning attack quite realistic. In addition, the way dnsmasq handles CNAME records makes it possible to spoof a chain of CNAME records and so effectively spoof up to 9 DNS records at a time.

  • CVE-2020-25684: lack of validation of the request ID in combination with the IP address and port number when processing DNS responses from external servers. This behavior does not comply with RFC-5452, which requires additional request attributes to be used when matching a response.
  • CVE-2020-25686: lack of validation of pending requests with the same name, which allows the birthday method to be used to reduce the number of attempts needed to forge a response. In combination with the CVE-2020-25684 vulnerability, this can significantly reduce the complexity of the attack.
  • CVE-2020-25685: use of the unreliable CRC32 algorithm when verifying responses, if built without DNSSEC (SHA-1 is used with DNSSEC). The vulnerability can be used to reduce the number of attempts by allowing the use of domains that have the same CRC32 value as the target domain.
  • The second group of problems (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, and CVE-2020-25687) is caused by errors that lead to buffer overflows when processing certain external data.
  • For the CVE-2020-25681 and CVE-2020-25682 vulnerabilities, it is possible to create exploits that could lead to code execution on the system.
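
The response matching that RFC-5452 requires, and whose absence the CVE-2020-25684 and CVE-2020-25686 entries above describe, is shown below from the resolver's side. This is an added example, not dnsmasq code; the `Msg` and `PendingQueries` names and the sample addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Msg:
    txid: int        # 16-bit DNS transaction ID
    local_port: int  # local UDP port: query source / response destination
    peer: str        # upstream address: query destination / response source
    qname: str
    qtype: str

class PendingQueries:
    """Hypothetical resolver-side table of outstanding upstream queries."""

    def __init__(self):
        self.pending = {}   # (qname, qtype) -> Msg of the query sent
        self.rejected = 0   # mismatched responses; a spike signals a spoofing flood

    def send(self, q: Msg) -> bool:
        """Register a query; refuse a second outstanding query for the same question."""
        key = (q.qname.lower(), q.qtype)
        if key in self.pending:
            return False    # caller waits on the existing query (no birthday gain)
        self.pending[key] = q
        return True

    def accept(self, r: Msg) -> bool:
        """Accept only if question, ID, upstream address and local port all match."""
        key = (r.qname.lower(), r.qtype)
        q = self.pending.get(key)
        if q is None or (r.txid, r.local_port, r.peer) != (q.txid, q.local_port, q.peer):
            self.rejected += 1
            return False
        del self.pending[key]   # one answer per query, so replays are rejected
        return True

def demo():
    # Constructed sample data; addresses come from documentation ranges.
    t = PendingQueries()
    first = t.send(Msg(0x1A2B, 40001, "192.0.2.53", "example.com", "A"))
    dup = t.send(Msg(0x9999, 40002, "192.0.2.53", "Example.COM", "A"))
    wrong_port = t.accept(Msg(0x1A2B, 40002, "192.0.2.53", "example.com", "A"))
    wrong_peer = t.accept(Msg(0x1A2B, 40001, "203.0.113.7", "example.com", "A"))
    genuine = t.accept(Msg(0x1A2B, 40001, "192.0.2.53", "example.com", "A"))
    replay = t.accept(Msg(0x1A2B, 40001, "192.0.2.53", "example.com", "A"))
    return first, dup, wrong_port, wrong_peer, genuine, replay, t.rejected
```

A response that carries the right transaction ID but arrives on a different local port or from a different address is dropped and counted, and the `rejected` counter gives a simple signal for the flood of bogus responses the attack depends on.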

Finally, it is mentioned that the problems are fixed in the Dnsmasq 2.83 update and that, as a workaround, it is recommended to disable DNSSEC and query caching using command-line options.

Source: https://kb.cert.org

