New vulnerabilities found in Linux over TCP/IP


The TCP/IP protocol suite, developed under the auspices of the US Department of Defense, has given rise to security issues inherent either to the protocol design or to most TCP/IP implementations.

Hackers have been shown to use these vulnerabilities to carry out various attacks on systems. Typical issues exploited in the TCP/IP protocol suite are IP spoofing, port scanning, and denial of service.

Netflix researchers have discovered 4 flaws that could wreak havoc in data centers. They were recently found in the Linux and FreeBSD operating systems. They allow hackers to lock up servers and disrupt remote communications.

About the bugs found

The most serious vulnerability, called SACK Panic, can be exploited by sending a sequence of TCP selective acknowledgments crafted specifically for a vulnerable computer or server.

The system reacts by crashing or entering a kernel panic. Successful exploitation of this vulnerability, identified as CVE-2019-11477, results in a denial of service.

Denial-of-service attacks try to consume all critical resources on a target system or network so that they are unavailable for normal use. They are considered a significant risk because they can easily disrupt a business and are simple to carry out.

The second vulnerability works by sending a series of malicious SACKs (acknowledgment packets) that consume the computing resources of the vulnerable system. It works by fragmenting the queue that holds TCP packets for retransmission.

Exploitation of this vulnerability, tracked as CVE-2019-11478, severely degrades system performance and can cause a denial of service.

These two vulnerabilities exploit the way operating systems handle the aforementioned TCP Selective Acknowledgment (SACK for short).

SACK is a mechanism that lets the computer receiving a communication tell the sender which segments arrived successfully, so that the ones that were lost can be retransmitted. The vulnerabilities work by overflowing the queue that stores the packets.

The third vulnerability, found in FreeBSD 12 and identified as CVE-2019-5599, works the same way as CVE-2019-11478, but interacts with the RACK send map of that operating system.

The fourth vulnerability, CVE-2019-11479, can slow down affected systems by reducing the maximum segment size for a TCP connection.

This setting forces vulnerable systems to send their responses across many TCP segments, each of which contains only 8 bytes of data.

The vulnerabilities make the system consume large amounts of bandwidth and resources, degrading system performance.

The aforementioned variants of denial-of-service attacks include ICMP or UDP floods, which can slow down network operations.

These attacks make the victim spend resources such as bandwidth and system buffers on responding to attack requests at the expense of valid requests.

Netflix researchers discovered these vulnerabilities and announced them publicly a few days ago.

Linux distributions have released patches for these vulnerabilities or offer configuration tweaks that mitigate them.

The workarounds are to block connections with a low maximum segment size (MSS), disable SACK processing, or quickly disable the TCP RACK stack.

These settings can disrupt legitimate connections, and if the TCP RACK stack is disabled, an attacker could cause expensive chaining of the linked list for subsequent SACKs acquired for a similar TCP connection.
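An added example, not from the original article or from Netflix or any distribution: a shell function that reports whether the workarounds named above are in place on a host. The sysctl names `net.ipv4.tcp_sack` and `net.ipv4.tcp_min_snd_mss`, the iptables `tcpmss` match, the 500-byte floor and the function names are assumptions brought in for the illustration; the article names none of them.

```shell
#!/bin/sh
# Added example: audit the SACK / low-MSS workarounds on a Linux host.
# Assumed (not in the article): sysctl names, the 500-byte floor, function names.
# Usage: sack_audit /proc/sys /path/to/iptables-save-output
MSS_FLOOR=500

# read_sysctl ROOT NAME: print the value, or "absent" if the kernel lacks it.
read_sysctl() {
    if [ -r "$1/net/ipv4/$2" ]; then
        tr -d ' \t\n' < "$1/net/ipv4/$2"
    else
        printf 'absent'
    fi
}

# has_mss_filter FILE: true if the iptables-save dump drops TCP packets whose
# MSS range starts at 1, e.g. "-A INPUT -p tcp -m tcpmss --mss 1:500 -j DROP".
has_mss_filter() {
    [ -n "$1" ] && [ -r "$1" ] &&
        grep -Eq -e '-m tcpmss .*--mss 1:[0-9]+ .*-j DROP' "$1"
}

# sack_audit ROOT [RULES]: print one line per finding, return the finding count.
sack_audit() {
    root=${1:-/proc/sys}
    rules=${2:-}
    findings=0
    sack=$(read_sysctl "$root" tcp_sack)
    min_mss=$(read_sysctl "$root" tcp_min_snd_mss)

    # Heuristic: the tcp_min_snd_mss sysctl arrived with the 2019 fixes, so a
    # kernel without it that still processes SACK is probably unpatched.
    if [ "$min_mss" = absent ] && [ "$sack" = 1 ]; then
        echo "FINDING: tcp_sack=1 on a kernel without tcp_min_snd_mss"
        findings=$((findings + 1))
    fi

    # An MSS floor must come from the sysctl or from a packet-filter rule.
    floor_ok=no
    case $min_mss in
        absent|*[!0-9]*|'') ;;
        *) [ "$min_mss" -ge "$MSS_FLOOR" ] && floor_ok=yes ;;
    esac
    has_mss_filter "$rules" && floor_ok=yes
    if [ "$floor_ok" = no ]; then
        echo "FINDING: no MSS floor >= $MSS_FLOOR (tcp_min_snd_mss=$min_mss, no tcpmss DROP rule)"
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

The return status is the number of findings, so `sack_audit /proc/sys rules.txt` exits 0 only when an MSS floor is in force and SACK is not being processed by a kernel that lacks the newer sysctl.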

Finally, let us remember that the TCP/IP protocol suite was designed to work in a trusted environment.

The model was developed as a set of flexible, fault-tolerant protocols that are robust enough to avoid failure when one or more nodes fail.

