12 GRIMM Linux. , 15 . , , ; , , . CVE .
CVE-2021-27365. - sprintf().
CVE-2021-27363. - ID.
CVE-2021-27364. , .
iSCSI: , SCSI : SCSI, , .
iSCSI SCSI , , , : « , iSCSI: ».
, , – , , .
, , , (, , ) Linux lib/modules
; , , , .
: , Linux, 7 2021 : 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, 4.4.260. , , , . , uname -r
Linux 4500 :
root@slack:/lib/modules/5.10.23# find . -name '*.ko'
./kernel/arch/x86/crypto/aegis128-aesni.ko
./kernel/arch/x86/crypto/blake2s-x86_64.ko
./kernel/arch/x86/crypto/blowfish-x86_64.ko
[...4472 lines deleted...]
./kernel/sound/usb/usx2y/snd-usb-usx2y.ko
./kernel/sound/x86/snd-hdmi-lpe-audio.ko
./kernel/virt/lib/irqbypass.ko
#
, Tascam Ux2y (, US122, US224, US428), , , - snd-usb-usx2y.ko
.
, , , , - , , .
, GRIMM . , , :
, .
, , , .
, , .
, , .
, , iSCSI . , , iSCSI, , .
, ( Heartbleed?), . , "" , RAM: , .
, sprintf()
. , formatted print into string – , , . :
/* Illustration of an unbounded formatted write: sprintf() receives only the
   destination pointer and is never told that buf holds 64 bytes. */
char buf[64]; /* Reserve a 64-byte block of bytes */
char *str = "42"; /* Actually has 3 bytes, thus: '4' '2' NUL */
/* Trailing zero auto-added: 0x34 0x32 0x00 */
/* Writes the 10-byte prefix "Answer is ", then the contents of str, then a
   terminating NUL. With str = "42" that is 13 bytes in total, which fits.
   Nothing in the call limits the length of str: 54 or more characters would
   carry the write past the end of buf. A bounded call such as
   snprintf(buf, sizeof buf, "Answer is %s", str) caps the write at the
   buffer size. (As printed, the statement lacks its terminating ';'.) */
sprintf(buf,"Answer is %s",str)
buf, 12 "Answer is 42", ASCII NUL, 64- – 51 .
sprintf()
: , . , str
54 , , "Answer is" buf..
, str
: C , str
, , .
, . snprintf()
: N , snprintf()
.
- .
: ID ID, 1, 2, 3 .
, , : « , : , , , , RAM?» ( ).
, , - , , , , , .
KASLR, kernel address space layout randomisation ( ), , .
- ( , : ), , , .
, , , , .
?
. , . , .
. , . IDE , « C-», , . .
, . Linux
kernel.modules_disable=1
, , ; , . . :
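# Either command sets the same kernel setting; running one of them is enough.
# Both need root. Once the value is 1 the kernel refuses further module loads,
# and the setting cannot be switched back to 0 without a reboot, so load any
# modules the system still needs before running this.
sysctl -w kernel.modules_disable=1
echo 1 > /proc/sys/kernel/modules_disable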
, , . , , , . .