A vulnerability in KDE Ark allows files to be overwritten when an archive is extracted


Dominik Penner and the KDE project have warned about a severe vulnerability in the Ark archive manager (developed by the KDE project): the software does not always extract files to the location where it should.

Penner reported the vulnerability to the KDE security team on July 20, 2020, and the bug was fixed promptly in Ark 20.08.0.

The issue is that, when a specially crafted archive is opened in the application, the vulnerability allows files to be overwritten outside the directory chosen for extracting the archive.

Ark is the standard archive manager of the KDE environment and is shipped by almost every Linux distribution that offers KDE, and KDE allows applications to be started automatically when the user logs in.

These autostarts are configured by creating special .desktop files in the ~/.config/autostart folder, which specify which program is to be run at login.

The problem also appears when extracting archives from the Dolphin file manager ("Extract" item in the context menu), which uses Ark's functionality to work with archives. The vulnerability is reminiscent of the long-standing Zip Slip problem.

To exploit the bug, an attacker only needs to trick the victim into opening an archive crafted for malicious purposes. Once it is opened, the bundled malware would run automatically to carry out its programmed actions. These could range from the installation of miners and Trojans to ransomware attacks and backdoors.

To demonstrate this, Penner developed PoC code exploiting the vulnerability, which automatically creates KDE autostart files by extracting a specially crafted archive into the current folder. Once the autostart is in place, the next time the computer is restarted and the user logs into the account, the specified program runs, resulting in remote code execution.

According to the warning email on the KDE-Announce mailing list, Ark up to version 20.04.3 has turned out to have a security issue: manipulated archives could extract their files anywhere in the home directory.

CVE-2020-16116 is a so-called path traversal attack. According to the advisory, attackers can manipulate the path information in malicious archives so that the files they contain end up anywhere in the user's home directory after extraction (this is the point where user interaction is required).

An attacker could modify ".bashrc" or place an arbitrary script in "~/.config/autostart" to schedule code and run it with the privileges of the current user.

Exploiting the vulnerability amounts to adding paths containing "../" sequences to the archive; when processing them, Ark could step outside the base directory.

After the researcher discovered the vulnerability, KDE released a patch for the tool.

According to the KDE advisory, the vulnerability, CVE-2020-16116, is rated with the severity "important". KDE fixed the bug with the release of Ark 20.08.0, which prevents the extraction of invalid archive entries while taking this into account, and issued the following advice.

KDE users should therefore install the update, or patch an earlier version with the patch that fixes the vulnerability.

It is also recommended to verify every archive before extracting it. If the archive contains entries that refer to a parent directory (for example, "../"), caution is required.
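The "../" mechanism and the advice to check an archive before extraction, as an added example that is not part of the original article nor of KDE's Ark code. It uses only the Python standard library; the sample zip and tar archives, the entry names inside them and the `/tmp/extract` destination are constructed for the demonstration.

```python
"""Pre-extraction check for path traversal entries in zip and tar archives.

Added example, not the article's or Ark's code. Each member name is joined
onto the intended destination exactly as an extractor would, normalized, and
rejected if the result lies outside that destination. Tar symlinks whose
target escapes the destination are flagged as well.
"""
import io
import os
import posixpath
import tarfile
import zipfile


def is_unsafe_entry(name: str, dest: str = "/tmp/extract") -> bool:
    """Return True if `name` would resolve outside `dest` after extraction."""
    dest = os.path.abspath(dest)
    # Archive member names use '/' separators; collapse 'a/../b' style paths first.
    normalized = posixpath.normpath(name)
    if posixpath.isabs(normalized):
        return True  # absolute names are never acceptable inside an archive
    target = os.path.abspath(os.path.join(dest, normalized))
    # Safe only if the resolved target is still under the destination directory.
    return os.path.commonpath([dest, target]) != dest


def unsafe_zip_entries(data: bytes) -> list:
    """Names of zip members that would escape the destination."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if is_unsafe_entry(n)]


def unsafe_tar_entries(data: bytes) -> list:
    """Names of tar members that escape the destination, directly or via symlink."""
    bad = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        for m in tf.getmembers():
            if is_unsafe_entry(m.name):
                bad.append(m.name)
            elif m.issym():
                # The link target is relative to the member's own directory.
                link_target = posixpath.join(posixpath.dirname(m.name), m.linkname)
                if is_unsafe_entry(link_target):
                    bad.append(m.name)
    return bad


def build_sample_zip() -> bytes:
    """Constructed sample: one benign member and one traversal member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes/readme.txt", "harmless\n")
        # Constructed entry of the kind the article describes: climbs out of
        # the extraction directory towards the autostart folder.
        zf.writestr("../../.config/autostart/evil.desktop", "[Desktop Entry]\n")
    return buf.getvalue()


def build_sample_tar() -> bytes:
    """Constructed sample: benign file, '../' member and an escaping symlink."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        good = tarfile.TarInfo("docs/a.txt")
        payload = b"harmless\n"
        good.size = len(payload)
        tf.addfile(good, io.BytesIO(payload))

        bad = tarfile.TarInfo("../.bashrc")  # constructed traversal member
        payload = b"# constructed\n"
        bad.size = len(payload)
        tf.addfile(bad, io.BytesIO(payload))

        link = tarfile.TarInfo("docs/link")  # constructed symlink escaping dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tf.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    print("zip:", unsafe_zip_entries(build_sample_zip()))
    print("tar:", unsafe_tar_entries(build_sample_tar()))
```

Run it and the two constructed archives are reported with their offending members; an archive for which both functions return an empty list can be handed to the extractor. The check deliberately normalizes before testing, so a name such as `a/../b` (which stays inside the destination) passes while `a/../../b` does not.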

Those interested in the structure of the archive types that can exploit this vulnerability can test it with the malicious sample archive at the link below.

Penner found that the Ark archive utility does not strip traversal characters from the path during extraction. This bug made it possible to create archives that could extract files anywhere the user has write access.

Finally, if you want to know more about it, you can check the details at the following link.
