regreSSHion: a vulnerability allowing remote code execution as root in OpenSSH

regreSSHion: Unauthenticated Remote Code Execution Vulnerability in OpenSSH Server

A few days ago, details of a critical vulnerability (CVE-2024-6387) discovered in OpenSSH by Qualys researchers were published. It is reported to allow remote, unauthenticated execution of code with root privileges.

The Qualys researchers named the vulnerability "regreSSHion". It is present in the default OpenSSH configuration starting with version 8.5 on systems that use the Glibc standard library.

What is regreSSHion and how does it affect OpenSSH?

According to the Qualys blog post, regreSSHion is the result of a regression introduced in OpenSSH 8.5 that causes a race condition in signal handling in sshd. The regression removed the protection against an old vulnerability, one that was considered theoretical at the time (in practice it was difficult or impossible to exploit).
</gre_replace>
<gr_replace lines="13" cat="clarify" orig="Munguva yekuvandudzwa">
During the development of OpenSSH 8.5, the «#ifdef DO_LOG_SAFE_IN_SIGHAND» block was mistakenly removed from the sigdie() function, which is called directly from the SIGALRM handler. The SIGALRM handler runs asynchronously in sshd when a client has not authenticated within the login grace time (LoginGraceTime, 120 seconds by default).

Munguva yekuvandudzwa kweOpenSSH 8.5, nekukanganisa block yakabviswa «#ifdef ITA_LOG_YAKATEVEDZWA_MUSIGHAND» kubva kune sigdie () basa, iyo inomhanya yakananga kubva kuSIGALRM controller. Mudzori SIGALRM inomhanya asynchronously pane sshd kana mutengi asina chokwadi mukati menguva yekubatanidza (LoginGraceTime, default 120 seconds).

Exploitation method

The attack relies on the signal handler calling functions that are not async-signal-safe, such as syslog(). In Glibc, the syslog() function is not designed to be used from asynchronously executed signal handlers.

Delivering the SIGALRM signal interrupts whatever code sshd is executing at that moment, which can corrupt the execution state. The goal of an exploit is to produce that corruption in the desired code at exactly the right moment. For example, triggering SIGALRM while malloc or free is executing can corrupt malloc's internal structures. OpenBSD is not affected by this vulnerability because, instead of syslog(), its SIGALRM handler calls the syslog_r() function, which is specifically designed to be safe for asynchronous execution.
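To make the async-signal-safety point concrete, here is an added C example (written for this article; it is neither OpenSSH code nor the Qualys proof of concept) contrasting the two handler shapes: a handler that logs through syslog() inside the SIGALRM handler, the shape the article says the regression reintroduced, and a handler that only sets a sig_atomic_t flag and uses async-signal-safe calls, leaving the logging to the main loop. The function names, the 1-second alarm standing in for LoginGraceTime, and the busy allocation loop are this example's own assumptions; the unsafe variant is defined for comparison but never installed.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

static const char SAFE_MSG[] = "sshd-demo: login grace time expired\n";

/* Flag set by the handler. sig_atomic_t is the only object type C guarantees
 * can be written from a signal handler; volatile stops the compiler from
 * caching it across the polling loop in main(). */
static volatile sig_atomic_t grace_expired = 0;

/* UNSAFE shape (the pattern the article describes): the handler logs with
 * syslog(), which in glibc may call malloc(), free() and localtime() internally.
 * If SIGALRM arrives while the interrupted code is inside malloc()/free(), the
 * allocator's bookkeeping can be left inconsistent. Never installed below. */
static void grace_alarm_unsafe(int sig) {
    (void)sig;
    syslog(LOG_INFO, "Timeout before authentication"); /* not async-signal-safe */
    exit(255);                                          /* runs atexit() handlers: also unsafe */
}

/* SAFE shape: only async-signal-safe operations. The handler records the event
 * and writes a fixed string with write(); formatting and syslog() happen later
 * in normal (non-handler) context. */
static void grace_alarm_safe(int sig) {
    (void)sig;
    grace_expired = 1;
    ssize_t r = write(STDERR_FILENO, SAFE_MSG, sizeof SAFE_MSG - 1); /* async-signal-safe */
    (void)r;
}

/* Install the chosen SIGALRM handler. Returns 0 on success, -1 on error. */
int install_alarm_handler(int safe_variant) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = safe_variant ? grace_alarm_safe : grace_alarm_unsafe;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    return sigaction(SIGALRM, &sa, NULL);
}

/* Install the safe handler and deliver SIGALRM synchronously with raise().
 * Returns 1 if the handler ran and set the flag, -1 on failure. */
int simulate_grace_timeout(void) {
    if (install_alarm_handler(1) != 0) return -1;
    grace_expired = 0;
    if (raise(SIGALRM) != 0) return -1;
    return grace_expired;
}

int main(void) {
    if (install_alarm_handler(1) != 0) return 1;
    alarm(1); /* stand-in for LoginGraceTime: 1 second instead of 120 */

    /* Busy work that allocates and frees constantly, i.e. the kind of code the
     * alarm is likely to interrupt. With the safe handler this is harmless. */
    while (!grace_expired) {
        char *buf = malloc(256);
        if (buf == NULL) return 1;
        memset(buf, 0, 256);
        free(buf);
    }

    /* Logging is done here, outside the handler, so syslog()'s internal
     * allocations never race with the interrupted code. */
    openlog("sshd-demo", LOG_PID, LOG_AUTH);
    syslog(LOG_INFO, "Timeout before authentication (logged from the main loop)");
    closelog();
    return 0;
}
```

The same deferral is what syslog_r() on OpenBSD makes unnecessary: it can be called from a handler because it does not allocate. On Glibc, the defensive rule is simply that a handler must not call anything outside the async-signal-safe list, and the logging belongs to the code path that runs after the handler has returned.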

The Qualys researchers state that the attack is simpler and takes less time on systems without ASLR, or on distributions that ship a modified version of OpenSSH which disables per-connection ASLR re-randomization.

The vulnerability was demonstrated on a 32-bit system with Glibc and ASLR (address space layout randomization) enabled. A successful attack in a controlled environment took about 6-8 hours, during which connections were made to the server continuously at the maximum rate allowed by the sshd configuration.

Although an attack on 64-bit systems cannot be ruled out, no working exploit has yet been developed for them. An attack on 64-bit systems is expected to take longer, though still less than a week.

Mitigation and response

OpenSSH on OpenBSD is reported not to be affected by this vulnerability, since that system has used a protective mechanism that blocks this class of attack since 2001. On other systems built on standard libraries other than Glibc, the attack method might be adaptable, although Qualys has not yet investigated that part.

In addition, systems using the Musl C standard library are not vulnerable to this exploitation method, since in musl the syslog() function does not use dynamic memory allocation when formatting output with printf() and does not call localtime() when attaching a timestamp to log messages.

Finally, it should be mentioned that the vulnerability has been fixed in the OpenSSH 9.8 release, which was published recently and which we will cover in a following article. As a workaround, the parameter "LoginGraceTime=0" can be set in the sshd_config file. However, disabling the timeout makes it easier to cause a denial of service if many simultaneous connections exceed the limits defined by the MaxStartups parameter.
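As an added example (written for this article, not code from OpenSSH or Qualys), the following C program performs the two checks a defender would want at this point: it reads the OpenSSH version out of a server banner or "ssh -V" string and reports whether it falls in the range the article gives (introduced in 8.5, fixed in 9.8), and it inspects an sshd_config text for the LoginGraceTime=0 workaround together with the MaxStartups bound that becomes the only limit on unauthenticated connections once the timeout is gone. The config fragments are constructed samples, the function names are this example's own, and the default MaxStartups value of 10:30:100 is OpenSSH's documented default. One caveat built into the output: distributions backport fixes without changing the version string, so an affected-range banner is a triage hint to confirm against the distribution's advisory, not a verdict.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>

/* Constructed sample sshd_config fragments (not from any real host). */
static const char DEFAULT_CFG[] =
    "# constructed sample: stock configuration\n"
    "Port 22\n"
    "#LoginGraceTime 2m\n"
    "PermitRootLogin no\n";

static const char WORKAROUND_CFG[] =
    "# constructed sample: article's workaround applied\n"
    "Port 22\n"
    "LoginGraceTime=0\n"
    "MaxStartups 10:30:100\n";

/* Parse "OpenSSH_<major>.<minor>..." from a banner such as
 * "SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3". Returns 1 on success, 0 otherwise. */
int parse_openssh_version(const char *s, int *major, int *minor) {
    const char *p = strstr(s, "OpenSSH_");
    if (p == NULL) return 0;
    p += strlen("OpenSSH_");
    return sscanf(p, "%d.%d", major, minor) == 2;
}

/* Range stated in the article: 8.5 <= version < 9.8 (upstream numbering). */
int version_in_affected_range(int major, int minor) {
    int v = major * 100 + minor;
    return v >= 805 && v < 908;
}

/* 1 = upstream version in the affected range, 0 = outside it, -1 = not OpenSSH. */
int affected_by_banner(const char *banner) {
    int major, minor;
    if (!parse_openssh_version(banner, &major, &minor)) return -1;
    return version_in_affected_range(major, minor);
}

/* Look up `key` in an sshd_config text: first match wins (as in sshd),
 * keywords are case-insensitive, "Key value" and "Key=value" both accepted,
 * comment lines skipped. Copies the value into `out`; returns 1 if found. */
int sshd_config_get(const char *cfg, const char *key, char *out, size_t outlen) {
    size_t klen = strlen(key);
    const char *line = cfg;
    while (*line) {
        const char *end = strchr(line, '\n');
        size_t len = end ? (size_t)(end - line) : strlen(line);
        const char *p = line, *stop = line + len;
        while (p < stop && isspace((unsigned char)*p)) p++;
        if (p < stop && *p != '#' && (size_t)(stop - p) > klen
            && strncasecmp(p, key, klen) == 0
            && (isspace((unsigned char)p[klen]) || p[klen] == '=')) {
            const char *v = p + klen;
            while (v < stop && (isspace((unsigned char)*v) || *v == '=')) v++;
            size_t vlen = (size_t)(stop - v);
            while (vlen > 0 && isspace((unsigned char)v[vlen - 1])) vlen--;
            if (vlen >= outlen) vlen = outlen - 1;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 1;
        }
        if (!end) break;
        line = end + 1;
    }
    return 0;
}

/* 1 if LoginGraceTime is explicitly 0 (the article's workaround), else 0. */
int login_grace_disabled(const char *cfg) {
    char val[64];
    if (!sshd_config_get(cfg, "LoginGraceTime", val, sizeof val)) return 0;
    return strcmp(val, "0") == 0;
}

/* Leading "start" figure of MaxStartups ("start:rate:full"); sshd's default is 10. */
int max_startups_start(const char *cfg) {
    char val[64];
    if (!sshd_config_get(cfg, "MaxStartups", val, sizeof val)) return 10;
    return atoi(val);
}

static void report(const char *banner, const char *cfg) {
    int r = affected_by_banner(banner);
    printf("%s\n  version range: %s\n", banner,
           r < 0 ? "not an OpenSSH banner" :
           r ? "affected range (confirm against the distribution advisory: backports keep the old version string)"
             : "outside the affected range");
    if (login_grace_disabled(cfg))
        printf("  LoginGraceTime=0 set: timeout disabled; unauthenticated connections are bounded only by MaxStartups (start=%d)\n",
               max_startups_start(cfg));
    else
        printf("  LoginGraceTime workaround not applied\n");
}

int main(void) {
    report("SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3", DEFAULT_CFG);
    report("SSH-2.0-OpenSSH_9.8p1", WORKAROUND_CFG);
    return 0;
}
```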

If you would like to learn more, I invite you to read the Qualys write-up at the following link.

