Grafana warns of critical vulnerabilities in Image Renderer

Published: 2025-07-04
Source: https://infosec.new88088.net/2025/07/04/grafana-canh-bao-lo-hong-nghiem-trong-trong-image-renderer/

Grafana Labs has released an emergency security patch for two important components, the Image Renderer plugin and the Synthetic Monitoring Agent, after four serious vulnerabilities were found in the Chromium library bundled inside these components. Although the Chromium team had already fixed these vulnerabilities upstream, they remained exploitable in Grafana environments because of the way the plugins use Chromium in headless mode. The discovery was made by security researcher Alex Chapman through the bug bounty program, prompting Grafana Labs to quickly release an update to reduce the risk to users.

All four vulnerabilities are rated high severity, with CVSS scores ranging from 8.1 to 8.8. Specifically, CVE-2025-5959 and CVE-2025-6554 are type confusion bugs in Chromium's V8 JavaScript engine. They could allow an attacker to execute code remotely or perform arbitrary memory reads and writes through the processing of a specially crafted HTML page. CVE-2025-6191 is an integer overflow in V8 that can lead to out-of-bounds memory access. Finally, CVE-2025-6192 is a use-after-free in the Chrome Metrics component that causes heap memory corruption when processing malicious HTML content. All of these bugs could be abused to corrupt memory or take control of the rendering process.

[Image: https://infosec.new88088.net/wp-content/uploads/sites/20/2026/02/1-1.png]

The two directly affected components are Image Renderer (versions before 3.12.9) and Synthetic Monitoring Agent (versions before 0.38.3). Image Renderer is a very common plugin in real-world Grafana deployments, used to convert dashboards into images for reporting, sharing, or embedding in external applications. Although the plugin is not installed by default, it has recorded millions of downloads and appears in a great many production environments. Synthetic Monitoring Agent, meanwhile, is used mainly in Grafana Cloud to run performance and availability tests from many network locations around the world. Though less widespread, this component is typically deployed in high-value systems that demand high reliability.

What the two components have in common is that both embed Chromium in headless mode to render HTML content. This dependence on a browser engine as complex as Chromium is what exposes the plugins directly whenever Chromium has a security vulnerability. In an exploitation scenario, an attacker could supply malicious HTML content to trigger the bugs in V8 or related modules, leading to code execution or memory corruption in Grafana's rendering process.

Given this level of risk, Grafana Labs recommends that users update the affected components immediately. For Image Renderer and Synthetic Monitoring Agent, users can update via grafana-cli or pull the latest Docker images corresponding to the patched versions, namely Image Renderer 3.12.9 and Synthetic Monitoring Agent 0.38.3-browser. For Grafana Cloud and Azure Managed Grafana users, Grafana confirms that the systems have been patched automatically, so no further manual action is needed.

This incident once again shows the latent risk when systems depend on highly complex external components such as Chromium. Even when the application core is well secured, a plugin that is slow to update can become the weak link, opening the way for attacks deep into the entire monitoring infrastructure. Given that Grafana is usually deployed at the center of observability and operations systems, making sure plugins and dependencies are patched promptly is an essential requirement to avoid serious security consequences.