Vulnerabilidades do Rust no kernel Linux: análise técnica da condição de corrida no driver Binder

Português

Após o relatório inicial da primeira vulnerabilidade no código Rust do kernel Linux, uma análise mais profunda do CVE-2025-68260 no módulo Binder baseado em Rust revela uma condição de corrida no manuseio de listas de dados que causa corrupção de memória e travamentos do sistema. Parches detalhados estão disponíveis no kernel 6.18.1 e 6.19-rc1.

Identificada na implementação em Rust do mecanismo de comunicação entre processos (IPC) Binder —reescrito recentemente para Android em drivers/android/binder/node.rs—, esta falha (CVE-2025-68260) centra-se numa condição de corrida na função Node::release.

O problema surge quando um bloqueio é adquirido para aceder a uma lista ligada partilhada, os itens são movidos para uma pilha local temporária, mas o bloqueio é libertado cedo demais —antes de processar e iterar completamente os itens. Esta janela permite acesso concorrente de threads do kernel aos ponteiros prev/next, levando a corrupção de memória, pânicos do kernel, reinicializações inesperadas, interrupções de serviço e erros como kernel oops nos registos.

Introduzida no kernel 6.18 via um commit de atualização do Binder que omitiu a sincronização, aumenta os riscos para sistemas Android e servidores dependentes do Binder.

Os mantenedores do kernel corrigiram rapidamente em 6.18.1 e 6.19-rc1. Atualize para o kernel estável mais recente para proteção completa; os parches upstream servem como correções interinas para ambientes críticos.

Artigos relacionados

Realistic depiction of a long COVID patient experiencing fatigue and breathing difficulties, overlaid with highlighted CD14+ monocytes (LC-Mo state) and inflammatory markers from recent immune study.
Imagem gerada por IA

Study links a distinct CD14+ monocyte state to fatigue and breathing symptoms in long COVID

Reportado por IA Imagem gerada por IA Verificado

Researchers analyzing immune cells from people with long COVID have identified a distinct molecular state in CD14+ monocytes—labeled “LC-Mo”—that was more prevalent among patients whose initial COVID-19 illness was mild to moderate and that tracked with reported fatigue and respiratory symptoms, along with higher levels of inflammatory signaling molecules in blood plasma.

UCLA scientists reverse liver damage in mice by removing zombie cells

Researchers at UCLA have identified senescent immune cells, dubbed 'zombie' cells, that accumulate in aging livers and contribute to fatty liver disease. By eliminating these cells in mice, the team reversed liver damage and reduced body weight, even on an unhealthy diet. The findings, published in Nature Aging, suggest similar mechanisms may drive human liver conditions.

Oregon State researchers report iron-based nanomaterial that eliminates breast-cancer tumors in mice

Reportado por IA Verificado

Scientists at Oregon State University say they have engineered an iron-based nanomaterial that exploits acidic, peroxide-rich conditions inside tumors to generate two types of reactive oxygen species and kill cancer cells while largely sparing healthy cells. In mouse tests using human breast-cancer tumors, the team reports complete tumor regression without observable adverse effects, though the work remains preclinical.

Saúde

Chinese team reports scalable way to generate large batches of engineered NK cells from cord-blood stem cells

Saúde

Scientists discover internal winds in cells linked to cancer spread

Saúde

Scientists map aging across 21 mouse organs with 7 million cells

Scientists explain how exercise shields brain from Alzheimer's

Researchers at the University of California, San Francisco, have discovered a mechanism by which exercise helps protect the brain from age-related damage associated with Alzheimer's disease. Physical activity prompts the liver to release an enzyme that repairs the blood-brain barrier, reducing inflammation and improving memory in older mice. The findings, published in the journal Cell, highlight a body-to-brain pathway that could lead to new therapies.

Study links early childhood stress to lifelong digestive problems

Reportado por IA

A new study in Gastroenterology connects early life stress to long-term gut issues through disruptions in gut-brain communication. Mouse experiments and large human cohorts show links to pain, constipation, and irritable bowel syndrome. Researchers suggest targeted treatments based on specific biological pathways.

sexta-feira, 03 de abril de 2026, 00:25h

Scientists discover molecular shredder in deadly parasite

sexta-feira, 27 de março de 2026, 16:40h

Study links uneven PARP inhibitor exposure in ovarian tumors to lysosomal drug “reservoirs”

sábado, 28 de fevereiro de 2026, 15:24h

New ratchet mechanism revealed in embryonic cell division

quarta-feira, 25 de fevereiro de 2026, 03:03h

Scientists identify new drug target for brain on fire disease

segunda-feira, 16 de fevereiro de 2026, 00:08h

Scientists identify enzyme causing cancer's chromosome shattering

Este site usa cookies

Usamos cookies para análise para melhorar nosso site. Leia nossa política de privacidade para mais informações.
Recusar