Mva nje Umphandi waseRussia ukhuphe iinkcukacha zokuba semngciphekweni weentsuku ezingama-zero kwiVirtualBox evumela umhlaseli ukuba aphume kumatshini oqinisekileyo wokwenza ikhowudi enobungozi kwinkqubo yokusebenza yomsingathi.
Umphandi waseRussia uSergey Zelenyuk ufumanise ukuba semngciphekweni weentsuku ezingama-zero ezichaphazela ngqo inguqulelo 5.2.20 yeBhokisi eyiyo, Kunye neenguqulelo ezidlulileyo.
Obu bungozi bufunyenwe ingavumela umhlaseli abaleke kumatshini obonakalayo (Inkqubo yeendwendwe) kwaye uhambe uye kwiRingi 3, ukuze ukusuka apho ukwazi ukusebenzisa ubuchule obukhoyo ukunyusa amalungelo kunye nokufikelela kwinkqubo yokusebenza yomgcini (kernel okanye ring 0).
Ngokwenkcukacha zokuqala zokuxela, ingxaki ikhona kwikhowudi ekwabelwana ngayo yesoftware yokwenyani, efumaneka kuzo zonke iinkqubo ezisebenzayo ezixhaswayo.
Malunga nomngcipheko weZero-Day ofunyenwe kwiVirtualBox
Ngokwifayile yokubhaliweyo efakwe kwiGitHub, Umphandi waseSaint Petersburg uSergey Zelenyuk, udibene nothotho lweempazamo ezinokuvumela ikhowudi enobungozi ukuba ibaleke kumatshini obonakalayo we-VirtualBox (inkqubo yeendwendwe) kwaye iqhubekeka nesiseko senkqubo yokusebenza (umgcini).
Nje ukuba ngaphandle kweVirtualBox VM, ikhowudi enobungozi isebenza kwisithuba esilinganiselweyo somsebenzisi wenkqubo yokusebenza.
Ukuxhaphaza kuthembeke nge-100%, utshilo uZelenyuk. "Ithetha ukuba isebenza rhoqo okanye ayisoze yenzeka ngenxa yokungafani kakuhle kwezinto ezibhaliweyo okanye ezinye izizathu ezifihlakeleyo ezingakhange ndizithathele ingqalelo."
Umphandi waseRussia Usuku lwe-zero luchaphazela zonke iinguqulelo zangoku ze-VirtualBox, isebenza ngaphandle komamkeli okanye undwendwe lwe-OS ukuba umsebenzisi uyasebenza, kwaye uyathenjwa ngokuchasene noseto olungagqibekanga koomatshini abasandula ukwenziwa.
USergey Zelenyuk, ngokungavumelani ngokupheleleyo nempendulo ka-Oracle kwinkqubo yabo ye-bug bounty kunye nokuba sesichengeni "kwentengiso," uthumele ividiyo kunye ne-PoC ebonisa intsuku eziyi-0 isebenza ngokuchasene nomatshini oBuntu oqinisekileyo isebenza ngaphakathi kwi-VirtualBox kwi-OS ye-host evela kwi-Ubuntu.
UZelenyuk ubonisa iinkcukacha zendlela i-bug enokusetyenziswa ngayo koomatshini ababonakalayo nge "Intel PRO / 1000 MT Desktop (82540EM)" iadaptha yenethiwekhi Kwimo yeNAT. Kukuseta okungagqibekanga kwazo zonke iinkqubo zeendwendwe zokufikelela kuthungelwano lwangaphandle.
Isebenza njani imeko yokuba sesichengeni
Ngokwesikhokelo sobugcisa esenziwe nguZelenyuk, iadaptha yenethiwekhi isesichengeni, ivumela umhlaseli enelungelo leengcambu / umlawuli ukuba abalekele ukubamba umsesane 3. Emva koko, kusetyenziswa ubuchule obukhoyo, umhlaseli anganyusa amalungelo eRing - nge / dev / vboxdrv.
"[I-Intel PRO / 1000 MT Desktop (82540EM)] inobungozi obuvumela umhlaseli kunye nomlawuli / amalungelo angcambu kwindwendwe ukuba abalekele kwindandatho yomamkeli3. Emva koko umhlaseli angasebenzisa ubuchule obukhoyo ukwandisa amalungelo okufowunela u-0 nge / dev / vboxdrv, ”utshilo uZelenyuk kwiphetshana lakhe elimhlophe ngoLwesibini.
zelenyuk ithi into ebalulekileyo yokuqonda ukuba ubungozi busebenza njani kukuqonda ukuba izibambo ziqhubekeka ngaphambi kokuchazwa kwedatha.
Umphandi uchaza iindlela ezisemva kwempazamo yezokhuseleko ngokweenkcukacha, ebonisa indlela yokubangela iimeko eziyimfuneko ukuze afumane ukugcwala okukhuselekileyo okunokusetyenziswa gwenxa ukubaleka ukubanjwa kwenkqubo yokusebenza ebonakalayo.
Kuqala, kubangele imeko yokugcwala kwenani elipheleleyo kusetyenziswa izikhombisi zepakethi- amacandelo edatha avumela iadaptha yenethiwekhi ukuba ilandele idatha yepakethi yenethiwekhi kwimemori yenkqubo.
Lo rhulumente waxhatshazwa ukuze afunde idatha evela kwinkqubo yokusebenza yeendwendwe kwi-buffer yemfumba kwaye ibangele imeko yokugcwala okunokukhokelela ekusebenziseni izikhombisi ngaphezulu; okanye ukubangela imeko yokuphuphuma kwesitaki.
Ingcali icebisa ukuba abasebenzisi banciphise ingxaki ngokutshintsha ikhadi lomnatha koomatshini babo ababonakalayo babe yi-AMD PCnet okanye iadaptha yenethiwekhi eyenziwe ngeparavirtualized okanye ngokunqanda ukusetyenziswa kweNAT.
“Lude luphele ulwakhiwo lweVirtualBox, ungatshintsha ikhadi lenethiwekhi loomatshini bakho libe yiPCnet (nokuba inye) okanye iParavirtualized Network.
Ukuqhubela phambili kunye nobuchwephesha bengqondo yam ... andiyiqondi kakuhle ikota yesigama esisebenzisayo.
Eyona ngxaki iphambili kukuba uninzi lweLinux lusebenzisa iVirtualBox ukuba neWindows, kwaye kuyabonakala ukuba Windows 7 ayinaye umqhubi wamakhadi ecebiswa yingcali ukuba abeke, kwaye okubi nangakumbi, ukuba ujonga umqhubi wePCnet kwi-intanethi, kubonakala ngathi Ukuba uyayihlalutya nge-virustotal okanye nayiphi na enye into ufumana i-29 positives ye-virus, uya kubona ukuba umntu uza kuyifaka njani.