{"id":4815,"date":"2023-05-15T20:47:34","date_gmt":"2023-05-15T18:47:34","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=4815"},"modified":"2023-06-11T20:48:46","modified_gmt":"2023-06-11T18:48:46","slug":"netfilter-ranjivost-linux-jezgra","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2023\/05\/15\/netfilter-ranjivost-linux-jezgra\/","title":{"rendered":"NetFilter ranjivost Linux jezgra"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Sigurnosni istra\u017eiva\u010di su otkrili <em>NetFilter<\/em> ranjivost <em>Linux<\/em> jezgra koja omogu\u0107ava neovla\u0161tenom lokalnom korisniku da dobije <em>root<\/em> privilegije i na taj na\u010din dobije kontrolu nad sistemom.<\/span><\/p>\n<div id=\"attachment_4817\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-4817\" class=\"size-full wp-image-4817\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/Linux-Kernel-Vulnerability.jpg\" alt=\"Linux Kernel Vulnerability\" width=\"1024\" height=\"646\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/Linux-Kernel-Vulnerability.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/Linux-Kernel-Vulnerability-300x189.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/Linux-Kernel-Vulnerability-768x485.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/05\/Linux-Kernel-Vulnerability-18x12.jpg 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-4817\" class=\"wp-caption-text\"><em>NetFilter ranjivost Linux jezgra; Dizajn: Sa\u0111a \u0110uri\u0107<\/em><\/p><\/div>\n<h2><span style=\"font-size: 14pt;\"><strong>Ranjivost<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Ranjivost je ozna\u010dena kao <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-32233\" target=\"_blank\" rel=\"noopener\"><em>CVE-2023-32233<\/em><\/a><em>, <\/em>ali nivo ozbiljnosti ranjivosti tek treba da bude utvr\u0111en. Problem je u tome \u0161to <em>Netfilter nf_tables<\/em> prihvata nepravilna a\u017euriranja svoje konfiguracije, \u0161to u odre\u0111enim slu\u010dajevima u kojima ne va\u017ee\u0107i zahtjevi mogu dovesti do o\u0161te\u0107enja unutra\u0161njeg podsistema.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Netfilter je okvir za filtriranje paketa i prevo\u0111enje mre\u017enih adresa (eng. <em>network address translation \u2013 NAT<\/em>) ugra\u0111en u jezgro <em>Linux<\/em> operativnog sistema kojim se upravlja preko uslu\u017enih programa, kao \u0161to su <em>IPtables<\/em> i <em>UFV<\/em>. Istra\u017eivanje pokazuje da to uti\u010de na vi\u0161e izdanja <em>Linux<\/em> jezgri operativnog sistema, uklju\u010duju\u0107i trenutnu stabilnu verziju, <em>v6.3.1<\/em>. Ipak, istra\u017eivanje dalje pokazuje da je za iskori\u0161tavanje ranjivosti prvo potrebno imati lokalni pristup <em>Linux<\/em> ure\u0111aju.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Dokaz ranjivosti uskoro javan<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">Sigurnosni istra\u017eiva\u010di <em>Patryk Sondej<\/em> i <em>Piotr Krysiuk<\/em> su privatno podijelili svoje otkri\u0107e sa <em>Linux<\/em> timom koji radi na <em>Linux<\/em> jezgru kako bi im pomogli da napravi odgovaraju\u0107u ispravku. Kako je dalje objavljeno, ranjivost \u0107e biti objavljena 15. maja 2023. godine zajedno sa svim detaljima o tehnikama iskori\u0161tavanja.<\/span><\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"font-size: 14pt;\"><em>\u201cU skladu sa politikom liste Linux distribucija, eksploatacija mora biti objavljena u roku od 7 dana od ovog upozorenja. Da bih se pridr\u017eavao te politike, namjeravam da objavim i opis tehnike eksploatacije i izvorni k\u00f4d eksploatacije u ponedeljak, 15.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\"><em>\u00a0<\/em><\/span><span style=\"font-size: 14pt;\"><em>&#8211; <\/em><a href=\"https:\/\/www.openwall.com\/lists\/oss-security\/2023\/05\/08\/4\" target=\"_blank\" rel=\"noopener\"><em>Post on Openwall mailing list<\/em><\/a><em> &#8211;<\/em><\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<h4><span style=\"font-size: 14pt;\"><strong>Zaklju\u010dak<\/strong><\/span><\/h4>\n<p><span style=\"font-size: 14pt;\">Ovo nije prva ranjivost koja je prona\u0111ena u <em>Linux<\/em> jezgru operativnog sistema u proteklih nekoliko godina i to samo dokazuje va\u017enost redovnog a\u017euriranja.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><em>Linux<\/em> sistemi izuzetno zanimljivi zlonamjernim akterima, jer na njima obi\u010dno radi va\u017ena infrastruktura preduze\u0107a, a ironi\u010dno su lak\u0161a meta po\u0161to se bezbjednosti timovi vi\u0161e fokusiraju na <em>Windows<\/em> okru\u017eenje u borbi protiv zlonamjernih napada\u010da.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Sigurnosni istra\u017eiva\u010di su otkrili NetFilter ranjivost Linux jezgra koja omogu\u0107ava neovla\u0161tenom lokalnom korisniku da dobije root privilegije i na taj na\u010din dobije kontrolu nad sistemom. Ranjivost Ranjivost je ozna\u010dena kao CVE-2023-32233, ali nivo ozbiljnosti&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":4817,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[185,141,374,372,373],"class_list":["post-4815","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-kernel","tag-linux","tag-nat","tag-netfilter","tag-root"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=4815"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4815\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/4817"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=4815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=4815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=4815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}