I-Ripple20, uchungechunge lobungozi ku-Treck's TCP / IP stack ethinta amadivayisi ahlukahlukene

Darkcrizt

1 Ukuphawula

Muva nje izindaba zikuqedile lokho kutholakale ukukhubazeka okungaba ngu-19 kusitaki se-TCP / IP se-Treck, engasetshenziswa ngokuthumela amaphakheji aklanywe ngokukhethekile.

Ubuthakathaka butholakele, babelwa igama lekhodi elithi Ripple20 futhi okunye kwalokhu kuba sengozini nakho kuvela kuZuken Elmic's (Elmic Systems) KASAGO TCP / IP isitaki, esabelana ngezimpande ezijwayelekile noTreck.

Into ekhathazayo ngalolu chungechunge lwezingcuphe ezitholakele ukuthi isitaki se-TCP / IP Treck sisetshenziswa ngamadivayisi amaningi izimboni, ezokwelapha, ukuxhumana, okushumekiwe nomthengi, kusuka kumalambu ahlakaniphile kuya kuphrinta namandla kagesi angenakuphikiswa), kanye nakwezamandla, ezokuthutha, ezokundiza, ezokuhweba nezokukhiqiza uwoyela.

Mayelana nokuba sengozini

Okuqondiwe okuphawulekayo kokuhlaselwa kusetshenziswa isitaki se-TCP / IP Treck zifaka amaphrinta enethiwekhi we-HP nama-Intel chips.

Ukufakwa kwezinkinga kwisitaki se-TCP / IP Treck kube yisizathu sobungozi obukude Muva nje ezinhlelweni ezingaphansi ze-Intel AMT ne-ISM ezixhashazwe ngokuthumela iphakethe lenethiwekhi.

I-Intel, HP, Hewlett Packard Enterprise, Baxter, Caterpillar, Digi, Rockwell Automation kanye neSchneider Electric bakuqinisekisile ukuba sengcupheni. Ngaphezu kwabanye abakhiqizi abangama-66, imikhiqizo yabo esebenzisa isitaki se-Treck TCP / IP, abasaziphenduli izingqinamba, abakhiqizi aba-5, kufaka phakathi i-AMD, bamemezele ukuthi imikhiqizo yabo ayinankinga.

Izinkinga zitholakele ekusetshenzisweni we-IPv4, IPv6, UDP, DNS, DHCP, TCP, ICMPv4 kanye nezinqubo ze-ARP, futhi zibangelwe ukucubungula okungalungile kwamapharamitha nosayizi wedatha (kusetshenziswa inkambu enosayizi ngaphandle kokubheka usayizi wangempela wedatha), amaphutha lapho ubheka imininingwane yokufaka, imemori ephindwe kabili mahhala, ifundwa kusuka endaweni engaphandle kwe-buffer , ukuchichima kwenani, isilawuli sokufinyelela esingalungile, nezinkinga zokulungisa izintambo ngesihlukanisi esinguziro.

Umthelela walobu bucayi uzohluka ngenxa yenhlanganisela yezinketho zokuhlanganisa nezesikhathi sokusebenza ezisetshenzisiwe lapho kuthuthukiswa amasistimu ahlanganisiwe ahlukile. Lokhu kwehlukahluka kokuqaliswa nokungabikhona kokubonakala kokuthengwa kwempahla kwandise inkinga yokuhlola ngokunembile umthelela walobu bucayi. 

Ngamafuphi, umhlaseli okude ongagunyaziwe angasebenzisa amaphakethe enethiwekhi aklanywe ngokukhethekile ukudala ukwenqatshwa kwensizakalo, ukuveza imininingwane, noma ukwenza ikhodi engenacala.

Izinkinga ezimbili eziyingozi kakhulu (i-CVE-2020-11896, i-CVE-2020-11897), ezinikezwe i-CVSS level 10, vumela umhlaseli ukuthi akwazi ukwenza ikhodi yakhe kudivayisi ngokuthumela amaphakethe we-IPv4 / UDP noma i-IPv6 ngendlela ethile.

Inkinga yokuqala ebucayi ivela kumadivayisi anokweseka imigudu ye-IPv4, bese kuthi eyesibili ngezinguqulo ezinikwe amandla i-IPv6 ekhishwe ngaphambi kukaJuni 4, 2009. Okunye ukuba sengozini okubucayi (i-CVSS 9) kukhona kusisombululo se-DNS (CVE-2020-11901) futhi kuvumela ikhodi ezokwenziwa ngokuthumela isicelo se-DNS esenziwe ngokukhethekile (le nkinga yasetshenziswa ukukhombisa ukugqekezwa kweSchneider Electric UPS APC futhi ivela kumadivayisi anokuxhaswa kwe-DNS).

Ngesikhathi obunye ubungozi CVE-2020-11898, CVE-2020-11899, CVE-2020-11902, CVE-2020-11903, CVE-2020-11905 le vumela ukwazi okuqukethwe ngokuthumela amaphakheji izindawo ezihlelwe ngokukhethekile ze-IPv4 / ICMPv4, IPv6OverIPv4, DHCP, DHCPv6 noma i-IPv6 yohlelo. Ezinye izingqinamba zingaholela ekwenqabeni insizakalo noma ukuvuza kwemininingwane eyinsalela kusuka kubhafa bohlelo.

Iningi lobuthakathaka belungisiwe kukhishwe iTreck 6.0.1.67 (ukukhishwa kwe-CVE-2020-11897 okulungiswe ku-5.0.1.35, i-CVE-2020-11900 ngo-6.0.1.41, i-CVE-2020-11903 ngo-6.0.1.28, i-CVE-2020-11908 ngo-4.7. 1.27).

Njengoba ukulungiselela izibuyekezo ze-firmware zamadivayisi athile kungadla isikhathi noma kungenzeki, njengoba isitaki seTreck sinikezwe iminyaka engaphezu kwengu-20, amadivayisi amaningi ashiywe enganakiwe noma enenkinga yokuwabuyekeza.

Abaphathi bayelulekwa ukuthi bahlukanise amadivayisi anezinkinga futhi balungiselele ukujwayela noma ukuvimba amasistimu wokuhlola amaphakethe, okomlilo noma amaphakethe ahlukanisiwe, ukuvimba imigudu ye-IP (i-IPv6-in-IPv4 ne-IP-in-IP), ukuvimba i- «source routing», vumela ukuhlolwa kwe- izinketho ezingalungile kumaphakethe we-TCP, vimba imilayezo yokulawula ye-ICMP engasetshenziswanga (Ukuvuselelwa kwe-MTU ne-Mask Mask)


Amazwana, shiya okwakho

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   i-manolin kusho
    kwenza iminyaka 4

    Bengimane ngivuthwa ngezimayini futhi i-PC yami ijijekile, noma-ke bangitshele, ngingayilungisa mathupha noma kuzodingeka ngiyise ukukhanda i-laptop

    Phendula ku-manolin