
If exploited, these flaws can allow attackers to gain unauthorized access to sensitive information or, more generally, to cause problems.
A few days ago, news broke that the US Cybersecurity and Infrastructure Security Agency (CISA) had issued a warning about a high-severity vulnerability in Linux that is being actively exploited, urging users to update their systems immediately.
For those unfamiliar with CISA, it is the agency responsible for cybersecurity and infrastructure protection at all levels of the US government. It coordinates cybersecurity programs with US states and improves the government's protection against cyberattacks.
According to the warning issued by CISA, the vulnerability, tracked as CVE-2024-1086, has a severity score of 7.8 out of 10 and allows people who have already compromised a system to escalate their privileges.
This type of vulnerability, known as "use after free", is in the netfilter component. The problem lies in nf_tables in the Linux kernel and can be exploited to achieve local privilege escalation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
The nft_verdict_init() function allows positive values as a drop error within the hook verdict, and so the nf_hook_slow() function can cause a double free when NF_DROP is issued with a drop error that resembles NF_ACCEPT.
The flaw is reported to affect Linux kernel versions from 5.14 to 6.6, and the vulnerability resides in nf_tables, the kernel component that enables network filtering. This includes operations such as packet filtering, network address and port translation (NAT), packet logging, queueing packets to user space, and other packet manipulation. Although the vulnerability was patched in January, according to the CISA advisory some production systems have not yet applied the update.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Since CVE-2024-1086 is an already known vulnerability, the exploit affects vulnerable kernel versions from (including) v5.14 to (including) v6.6, excluding the patched branches v5.15.149>, v6.1.76>, v6.6.15>. The patch for these versions was released in February 2024, and the vulnerability affects all versions (including stable branches) from v3.15 to v6.8-rc1.
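As a first-pass triage of a host inventory against the version ranges quoted above, the following added example (not code from CISA or from the exploit author) classifies `uname -r` style release strings. The host names and the sample inventory are constructed, and the status labels are hypothetical names chosen for this example.

```python
import re

# Version boundaries as stated in the article (upstream kernel numbering).
EXPLOIT_MIN, EXPLOIT_MAX = (5, 14), (6, 6)               # exploit: v5.14..v6.6 inclusive
PATCHED_FROM = {(5, 15): 149, (6, 1): 76, (6, 6): 15}    # fixed at this patch level or later
BUG_MIN, BUG_LAST_FULL = (3, 15), (6, 7)                 # bug: v3.15 up to v6.8-rc1

def parse_release(release):
    """Extract (major, minor, patch) from a `uname -r` style string."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def triage(release):
    """Classify one kernel release against the article's ranges."""
    major, minor, patch = parse_release(release)
    branch = (major, minor)
    fixed_at = PATCHED_FROM.get(branch)
    if fixed_at is not None and patch >= fixed_at:
        return "patched-branch"
    if EXPLOIT_MIN <= branch <= EXPLOIT_MAX:
        return "exploit-range"      # patch now, or confirm a vendor backport
    is_rc1 = branch == (6, 8) and re.search(r"-rc1\b", release) is not None
    if BUG_MIN <= branch <= BUG_LAST_FULL or is_rc1:
        return "bug-range"          # underlying flaw present per the article
    return "outside-range"

def triage_inventory(lines):
    """Map 'host release' lines to a {host: (release, status)} dict."""
    report = {}
    for line in lines:
        host, release = line.split()
        report[host] = (release, triage(release))
    return report

# Constructed sample inventory (hypothetical hosts), e.g. collected via `uname -r`.
SAMPLE_INVENTORY = [
    "web01 5.15.0-91-generic",
    "web02 5.15.149",
    "db01 6.1.55-amd64",
    "db02 6.6.15",
    "edge01 5.10.200",
    "lab01 6.8.0-rc1",
    "lab02 6.9.1",
]

if __name__ == "__main__":
    for host, (release, status) in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:8} {release:22} {status}")
```

Distribution kernels often carry backported fixes without changing the upstream version number, so an "exploit-range" or "bug-range" result means the vendor's advisory for that package still has to be checked.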
The exploit author explains what triggers the bug that leads to the double free: "I add a Netfilter rule to an unprivileged user namespace. The Netfilter rule contains an expression that sets a malicious verdict value, which will make the internal nf_tables kernel code interpret NF_DROP at first, after which it will free the skb and then return NF_ACCEPT so that packet handling continues, and it will double-free the skb. I then trigger this rule by allocating a 16-page IP packet (so that it is allocated by the buddy allocator and not the PCP allocator or slab allocator, and it shares a cache across CPUs) which has migrate type 0.
"To delay the second free (so that I can avoid corruption while doing things), I abuse the IP fragmentation logic of an IP packet. This allows an skb to be made to wait in an IP fragmentation queue without being freed for a number of seconds. To traverse this code path with corrupted packet metadata, I spoof the source IP address 1.1.1.1 and the destination address 255.255.255.255."
Finally, if you are interested in learning more about it, you can check the details at the following link.