Masu bincike sun bayyana sabbin hare-hare da za su iya amfani da albarkatun da aka raba tsakanin Wi-Fi da abubuwan haɗin Bluetooth akan ƙirar tsarin-on-chip (SoC) iri-iri daga Broadcom, Cypress, da Silicon Labs.
BleepingComputer farko hange takardar da ke kwatanta binciken, Wanda ake kira "Hare-hare akan Haɗin kai mara waya: Yin amfani da Ayyukan Ayyukan Fasaha na Fasaha don Ƙaddamar da Ƙwararrun Ƙwararrun Ƙwararru na Inter-Chip," kuma masu bincike daga Secure Networking Lab a Jami'ar Darmstadt da CNIT a Jami'ar Brescia ne suka buga.
Masu binciken sun ce "sun nuna cewa guntu na Bluetooth na iya cire kalmomin shiga ta hanyar sadarwa kai tsaye tare da sarrafa zirga-zirgar ababen hawa a kan guntun Wi-Fi" saboda "waɗannan kwakwalwan kwamfuta suna raba kayan aiki da albarkatu, kamar eriya ɗaya ko bakan mara waya," duk da cewa dukkansu ne. a zahiri dauke raba kwakwalwan kwamfuta.
Ya zuwa yanzu tara na gama gari na Lalaci da Bayyanawa (CVE) an sanya su ga waɗannan raunin. Masu binciken sun ce sun sanar da Kamfanin Buga na Musamman na Bluetooth da kuma Intel, MediaTek, Marvell, NXP, Qualcomm, da Texas Instruments da masana'antun da suka yi nasarar cin gajiyar na'urorinsu.
Masu satar bayanai dole ne su samu nasarar yin sulhu da ɗaya daga cikin kwakwalwan kwamfuta mara igiyar waya don yin amfani da waɗannan lahani akan ɗayan guntu. Wannan na iya baiwa maharan damar satar kalmar sirri ta Wi-Fi bayan sun lalata guntuwar Bluetooth, masu binciken sun ce, ko kuma su yi amfani da wata lalura ta daban a cikin daya daga cikin kwakwalwan don samun damar shiga wasu sassan na'urar da aka yi niyya.
"Tun da kwakwalwan kwamfuta mara igiyar waya suna sadarwa kai tsaye ta hanyar mu'amalar haɗin kai mai ƙarfi," masu binciken sun ce, "Direban OS ba za su iya tace duk wani abin da ya faru ba don hana wannan harin sabon labari. Duk da ba da rahoton al'amuran tsaro na farko kan waɗannan mu'amala fiye da shekaru biyu da suka gabata, hanyoyin haɗin gwiwar sun kasance masu rauni ga yawancin hare-harenmu. "
Masu binciken sun ce har yanzu hare-haren na su na da nasaba da na'urorin iOS 14.7 da Android 11. (Waɗanda aka maye gurbinsu da iOS 15 da Android 12, bi da bi, amma wannan rahoton ya kasance shekaru biyu a cikin yin hakan.) Sun kuma nuna hare-haren su akan wasu na'urori daban-daban, waɗanda aka nuna a teburin da ke ƙasa.
Editocin mu sun ba da shawarar
Amma rashin ragewa da alama bai zo da mamaki ba. "Mun bayyana cikin alhaki ga mai siyar da raunin da ya faru," in ji masu binciken. "Duk da haka, kawai an fitar da gyare-gyaren gyare-gyare don kayan aikin da ake da su tun lokacin da kwakwalwan kwamfuta mara waya za su buƙaci a sake fasalin su daga ƙasa har zuwa hana hare-haren da aka gabatar kan zaman tare."
Broadcom, Cypress, da Silicon Labs ba su amsa nan da nan ga buƙatun yin sharhi ba.
Kamar Abin da kuke karantawa?
Shiga don Tsaro Watch wasiƙar don manyan bayanan sirrinmu da labarun tsaro waɗanda aka isar da su kai tsaye zuwa akwatin saƙo naka.
Wannan wasiƙar na iya ƙunsar tallace-tallace, ciniki, ko hanyoyin haɗin gwiwa. Biyan kuɗi ga wasiƙar yana nuna yardar ku ga mu Sharuddan Amfani da kuma takardar kebantawa. Kuna iya cire rajista daga wasiƙun labarai a kowane lokaci.
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
English
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba