{"id":6095,"date":"2024-02-10T14:25:32","date_gmt":"2024-02-10T13:25:32","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=6095"},"modified":"2024-02-10T14:25:32","modified_gmt":"2024-02-10T13:25:32","slug":"linux-shim-ranjivost","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2024\/02\/10\/linux-shim-ranjivost\/","title":{"rendered":"Linux Shim vulnerability"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">The <em>Linux<\/em> <em>Shim<\/em> vulnerability concerns a small application that open-source projects and other third parties use to verify and launch the <em>bootloader<\/em>, typically <em>GRUB2<\/em>. The application was developed primarily to work around legal issues arising from license compatibility.<\/span><\/p>\n<div id=\"attachment_6096\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-6096\" class=\"size-full wp-image-6096\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim.jpg\" alt=\"Linux Shim\" width=\"1024\" height=\"1024\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim-300x300.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim-150x150.jpg 150w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim-768x768.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim-12x12.jpg 12w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim-80x80.jpg 80w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Linux-Shim-320x320.jpg 320w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-6096\" class=\"wp-caption-text\"><em>Linux Shim vulnerability; Source: Bing Image Creator<\/em><\/p><\/div>\n<h2><span class=\"ez-toc-section\" id=\"SHIM\"><\/span><span style=\"font-size: 14pt;\"><strong><em>SHIM<\/em><\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>Shim<\/em> is a small open-source application maintained by <em>Red Hat<\/em>, designed to facilitate the secure boot process on computers that use the <em>Unified<\/em> <em>Extensible<\/em> <em>Firmware<\/em> <em>Interface<\/em> \u2013 <em>UEFI<\/em>. 
The tool is signed with a <em>Microsoft<\/em> key that is accepted by default on most <em>UEFI<\/em> motherboards, and it is used to verify the next stage of the boot process, typically loading the <em>GRUB2<\/em> bootloader.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><em>Shim<\/em> was created out of the need to let open-source projects, such as <em>Linux<\/em> distributions, take advantage of the benefits of <em>Secure<\/em> <em>Boot<\/em>, such as preventing unauthorized or malicious code execution during boot, while retaining control over the hardware.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"SHIM_RANJIVOST\"><\/span><span style=\"font-size: 14pt;\"><strong><em>SHIM<\/em> VULNERABILITY<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">A critical vulnerability discovered in the <em>Shim<\/em> bootloader allows attackers to execute code and take control of a target system before the 
<em>kernel<\/em> is loaded, bypassing existing security mechanisms.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The vulnerability, tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-40547\" target=\"_blank\" rel=\"noopener\"><em>CVE-2023-40547<\/em><\/a>, allows an attacker to craft special <em>HTTP<\/em> requests to trigger an out-of-bounds write, potentially compromising the system by executing privileged code before the operating system loads.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The vulnerability was <a href=\"https:\/\/twitter.com\/BillDemirkapi\/status\/1750168326611865816\" target=\"_blank\" rel=\"noopener\">discovered<\/a> by <em>Microsoft<\/em> security researcher <em>Bill Demirkapi<\/em> on January 24, 2024, but more details became available on February 2, 2024, when <em>Eclypsium<\/em> <a href=\"https:\/\/eclypsium.com\/blog\/the-real-shim-shady-how-cve-2023-40547-impacts-most-linux-systems\/\" target=\"_blank\" rel=\"noopener\">published its report<\/a>.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">According to the <em>Eclypsium<\/em> report, <em>CVE-2023-40547<\/em> can be exploited in several ways, giving attackers local, adjacent-network, and remote attack paths. The report points to three potential methods:<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Remote attack<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">A remote attacker can carry out a <em>man-in-the-middle<\/em> (<em>MiTM<\/em>) attack, intercepting <em>HTTP<\/em> traffic used for <em>HTTP<\/em> boot, potentially from any network position between the victim and the server. 
In this attack vector, the <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">malicious actor<\/a> can be located on any part of the network segment to carry out the attack.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Lokalni_napad\"><\/span><span style=\"font-size: 14pt;\"><strong>Local attack<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">A local attacker with sufficient privileges can modify <em>EFI<\/em> variables or the <em>EFI<\/em> partition using a <em>live<\/em> <em>Linux<\/em> <em>USB<\/em> to change the boot order and load a compromised <em>Shim<\/em>, executing privileged code without disabling <em>Secure Boot<\/em>.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Mrezni_napad\"><\/span><span style=\"font-size: 14pt;\"><strong>Network attack<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">An attacker on the same network can use <em>PXE<\/em> to load a compromised <em>Shim<\/em> bootloader and gain control of the system by exploiting the vulnerable version. 
This attack runs before the operating system kernel is loaded, which means a malicious actor can gain privileged access to the system that can be used to bypass the controls of the operating system kernel and the controls within the system itself.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZAKLJUCAK\"><\/span><span style=\"font-size: 14pt;\"><strong>CONCLUSION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">The impact of this vulnerability is significant, since code execution before the operating system starts is one of the most powerful and stealthiest forms of system compromise. On December 5, 2023, <em>Red Hat<\/em> committed to fixing <em>CVE-2023-40547<\/em>, but <em>Linux<\/em> distributions that support <em>Secure<\/em> <em>Boot<\/em> and use <em>Shim<\/em> must release their own updates. <em>Linux<\/em> distributions that use <em>Shim<\/em>, such as <em>Red Hat<\/em>, <em>Debian<\/em>, <em>Ubuntu<\/em> and <em>SUSE<\/em>, have published advisories with information about the vulnerability.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZASTITA\"><\/span><span style=\"font-size: 14pt;\"><strong>PROTECTION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>Linux<\/em> users are advised to update to the latest version of the <em>Shim<\/em> bootloader, <em>v15.8<\/em>, which contains a fix for <a href=\"https:\/\/www.openwall.com\/lists\/oss-security\/2024\/01\/26\/1\" target=\"_blank\" rel=\"noopener\"><em>CVE-2023-40547<\/em> and five other important vulnerabilities<\/a>.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>The Linux Shim vulnerability concerns a small application that open-source projects and other third parties use to 
verify and launch the bootloader, typically GRUB2. The application was developed primarily to&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":6096,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[743,746,745,739,742,141,744,390,693,740,279,738,748,747,278,741],"class_list":["post-6095","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-cve-2023-40547","tag-debian","tag-efi","tag-grub2","tag-http","tag-linux","tag-man-in-the-middle","tag-mitm","tag-pxe","tag-red-hat","tag-secure-boot","tag-shim","tag-suse","tag-ubuntu","tag-uefi","tag-unified-ektensible-firmvare-interface"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6095","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=6095"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6095\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/6096"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=6095"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=6095"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=6095"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}