This week, further fixes for various Linux kernel problems were released, but a few new issues were also discovered: Wanpeng Li recently found two denial-of-service (DoS) vulnerabilities in the Linux kernel.
These allow local attackers to use a NULL pointer dereference to trigger a DoS condition.
The first vulnerability, numbered CVE-2018-19406 in Common Vulnerabilities and Exposures, is in the Linux kernel's kvm_pv_send_ipi function, defined in arch/x86/kvm/lapic.c.
CVE-2018-19406 is present in Linux kernel 4.19.2 and allows an attacker to use crafted system calls on unpatched devices to reach a DoS state. The problem is caused by the Advanced Programmable Interrupt Controller (APIC) not being initialized properly.
Wanpeng Li wrote:
"The reason is that the apic map has not been initialized yet; the testcase uses the pv_send_ipi interface via vmcall, which results in kvm->arch.apic_map being dereferenced. This patch fixes it by checking whether or not the apic map is NULL and bailing out immediately if that is the case."
The second vulnerability found by Wanpeng Li is limited to situations in which the attacker can physically access the device.
This issue is recorded as CVE-2018-19407 in the National Vulnerability Database and occurs in the vcpu_scan_ioapic function in arch/x86/kvm/x86.c in Linux kernel 4.19.2. It allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
Another vulnerability affecting the Linux kernel: CVE-2018-18955
In addition, a vulnerability (CVE-2018-18955) was found this week in the uid/gid translation code of the user namespace.
It allows an unprivileged user who holds administrator rights inside an isolated container (CAP_SYS_ADMIN) to bypass security restrictions and access resources outside the current identifier namespace.
For example, when a file system is shared between a container and the host environment, the contents of the /etc/shadow file in the main environment can be read through direct access to the i-node.
The vulnerability is present in distributions that use kernel 4.15 and newer versions, for example Ubuntu 18.04 and Ubuntu 18.10, Arch Linux and Fedora (kernel 4.19.2 with the fix is already available in Arch and Fedora).
RHEL and SUSE are not affected. In Debian and Red Hat Enterprise Linux, user namespace support is not enabled by default, but it is enabled in Ubuntu and Fedora.
The vulnerability is caused by a bug in the code of Linux kernel 4.15, introduced in October of last year.
The problem has been fixed in versions 4.18.19, 4.19.2 and 4.20-rc2.
The vulnerability is in the map_write() function defined in the kernel file kernel/user_namespace.c, and is caused by incorrect processing of nested user identifier namespaces that use more than 5 UID or GID ranges.
Under these conditions, the translation of uid/gid identifiers from the namespace to the kernel (forward map) works correctly, but it is not performed during the reverse conversion (reverse map, from the kernel to the identifier namespace).
The situation arises in which user ID 0 (root) is correctly mapped to identifier 0 in the kernel during the forward conversion, but this does not reflect the real situation during the reverse conversion used in the inode_owner_or_capable() and privileged_wrt_inode_uidgid() checks.
Therefore, when an inode is accessed, the kernel considers that the user has the appropriate authority, even though identifier 0 is not taken from the main set of user IDs but from a separate namespace.
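A simplified user-space model of the forward/reverse inconsistency described above, added here as an illustration; it is not kernel code and not code from the original article. The struct and function names, the 100000 ID base and the six one-ID ranges are constructed assumptions, and the model applies the translation to kernel IDs to the forward table only, unless `fixed` is set.

```c
#include <stdio.h>

/* One range: `count` IDs from `first` in the namespace map to IDs from
 * `lower_first` one level down. */
struct extent { long first, lower_first, count; };

/* Constructed sample: the container maps its IDs 0..65535 to kernel IDs
 * 100000 and up; the nested namespace requests six one-ID ranges. */
static const struct extent PARENT[] = { {0, 100000, 65536} };
static const struct extent REQ[] = { {0, 0, 1}, {1, 1, 1}, {2, 2, 1},
                                     {3, 3, 1}, {4, 4, 1}, {5, 5, 1} };

/* Forward lookup (namespace ID -> lower ID); -1 means unmapped. */
static long map_down(const struct extent *m, int n, long id) {
    for (int i = 0; i < n; i++)
        if (id >= m[i].first && id - m[i].first < m[i].count)
            return m[i].lower_first + (id - m[i].first);
    return -1;
}

/* Reverse lookup (lower ID -> namespace ID); -1 means unmapped. */
static long map_up(const struct extent *m, int n, long id) {
    for (int i = 0; i < n; i++)
        if (id >= m[i].lower_first && id - m[i].lower_first < m[i].count)
            return m[i].first + (id - m[i].lower_first);
    return -1;
}

/* Build both tables for a nested namespace. The forward table always has
 * its lower IDs translated to kernel IDs through the parent; the reverse
 * table is translated only when `fixed` is set (post-fix behaviour). */
static void build_maps(const struct extent *req, int n, struct extent *fwd,
                       struct extent *rev, int fixed) {
    for (int i = 0; i < n; i++) {
        fwd[i] = rev[i] = req[i];
        fwd[i].lower_first = map_down(PARENT, 1, req[i].lower_first);
        if (fixed) rev[i].lower_first = fwd[i].lower_first;
    }
}

int main(void) {
    struct extent fwd[6], rev[6];
    for (int fixed = 0; fixed <= 1; fixed++) {
        build_maps(REQ, 6, fwd, rev, fixed);
        printf("fixed=%d: ns 0 -> kernel %ld, kernel 0 -> ns %ld\n",
               fixed, map_down(fwd, 6, 0), map_up(rev, 6, 0));
    }
    return 0;
}
```

In the unfixed case, kernel ID 0 translates back to ID 0 of the nested namespace although the forward table sends that ID to 100000; with the translation applied to both tables, kernel ID 0 is unmapped.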