{"id":39705,"date":"2023-02-28T12:35:00","date_gmt":"2023-02-28T05:35:00","guid":{"rendered":"https:\/\/wiki.tino.org\/staging\/?p=39705"},"modified":"2025-06-11T16:26:16","modified_gmt":"2025-06-11T09:26:16","slug":"lo-hong-bao-mat-php-fpm","status":"publish","type":"post","link":"https:\/\/tino.vn\/blog\/lo-hong-bao-mat-php-fpm\/","title":{"rendered":"PHP-FPM root privilege escalation vulnerability (CVE-2021-21703) &#8211; How to fix it on a VPS running Directadmin"},"content":{"rendered":"\n<h2 id=\"L\u1ed7_h\u1ed5ng_b\u1ea3o_m\u1eadt_PHP-FPM_chi\u1ebfm_d\u1ee5ng_quy\u1ec1n_root_(CVE-2021-21703)\"><strong>PHP-FPM root privilege escalation vulnerability (CVE-2021-21703)<\/strong><\/h2>\n\n\n\n<p><a href=\"https:\/\/tino.vn\/blog\/php-fpm-la-gi\/\" target=\"_blank\" rel=\"noreferrer noopener\">PHP-FPM<\/a> <em>(FastCGI Process Manager)<\/em> is a PHP interpreter used when serving websites on a <a href=\"https:\/\/tino.vn\/blog\/web-server-la-gi\/\" data-type=\"post\" data-id=\"29142\">web server<\/a>. PHP-FPM grew out of an extension of CGI. PHP-FPM optimizes how web servers process requests and lets them handle requests from many websites at the same time as quickly as possible. 
Thanks to its fast PHP script execution and its optimizations for large websites, which help handle higher traffic, php-fpm is now very widely used.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"650\" height=\"400\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2023\/11\/lo-hong-bao-mat-php-fpm-01.webp\" alt=\"php-fpm-phat-trien-qua-su-mo-rong-cua-cgi\" class=\"wp-image-79482\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2023\/11\/lo-hong-bao-mat-php-fpm-01.webp 650w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2023\/11\/lo-hong-bao-mat-php-fpm-01-300x185.webp 300w\" sizes=\"(max-width: 650px) 100vw, 650px\" \/><figcaption class=\"wp-element-caption\">PHP-FPM grew out of an extension of CGI<\/figcaption><\/figure>\n<\/div>\n\n\n<p>However, according to the latest disclosure, PHP-FPM has a serious security vulnerability that can be exploited to gain root privileges and that has existed for more than 10 years.<\/p>\n\n\n\n<p>This vulnerability allows a low-privileged process to read and write an array of pointers used by the main process, which runs as root, through shared memory. 
An attacker can use this flaw to change a 32-bit integer from 0 to 1 in the main process's memory or to clear a region of memory. By exploiting this bug, a <a href=\"https:\/\/tino.vn\/blog\/hacker-la-gi\/\" data-type=\"post\" data-id=\"74395\">hacker<\/a> can make the main process execute code and thereby escalate privileges.<\/p>\n\n\n\n<p>According to PHP, the affected versions include PHP 7.2.x and 7.3.x up to PHP 7.4.24, and 8.0.x up to 8.0.11. <a href=\"https:\/\/www.php.net\/\" data-type=\"URL\" data-id=\"https:\/\/www.php.net\/\" rel=\"nofollow noopener\" target=\"_blank\">The official PHP website<\/a> released the patched versions PHP 7.4.25 and 8.0.12 on 21\/10\/2021. The bug was reported by security researchers in May 2021. After the fix was completed 7 days ago, they publicly disclosed the bug under the identifier CVE-2021-21703. 
However, according to reports on forums and Twitter, almost all php versions are affected.<\/p>\n\n\n\n<p>Some links with information about this bug:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>https:\/\/bugs.php.net\/bug.php?id=81026\nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-21703\nhttps:\/\/security-tracker.debian.org\/tracker\/CVE-2021-21703<\/code><\/pre>\n\n\n\n<p>For <a href=\"https:\/\/tino.vn\/blog\/vps-la-gi\/\" data-type=\"post\" data-id=\"53016\">VPS<\/a> servers whose webserver is <a href=\"https:\/\/tino.vn\/blog\/nginx-la-gi\/\" data-type=\"post\" data-id=\"1209\">nginx<\/a> with php-fpm, you can update or rebuild PHP to the latest version to fix this bug. Depending on the control panel or stack script you are using, there are different automatic or manual ways to update.<\/p>\n\n\n\n<p>Run the following command to check whether your VPS is running php-fpm.<\/p>\n\n\n\n<p> <em><strong>ps aux | grep php-fpm | grep process<\/strong><\/em><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" width=\"1024\" height=\"207\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1024x207.png\" alt=\"\" class=\"wp-image-39709\" style=\"width:1024px;height:207px\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1024x207.png 1024w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-300x61.png 300w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-768x155.png 768w, 
https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image.png 1050w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">VPS running php-fpm<\/figcaption><\/figure>\n<\/div>\n\n\n<h2 id=\"H\u01b0\u1edbng_d\u1eabn_kh\u1eafc_ph\u1ee5c_v\u1edbi_VPS_s\u1eed_d\u1ee5ng_Directadmin\"><strong>How to fix it on a VPS running Directadmin<\/strong><\/h2>\n\n\n\n<p>On a VPS running <a href=\"https:\/\/tino.vn\/blog\/directadmin-la-gi\/\" data-type=\"post\" data-id=\"562\">Directadmin<\/a>, you normally use mod_php by default, and if you use openlitespeed you do not need to update.<br>For VPS servers running Directadmin with nginx as the webserver and php-fpm on one or more PHP versions, you should rebuild php in Directadmin's custombuild.<\/p>\n\n\n\n<h3 id=\"C\u00e1ch_1._Ch\u1ea1y_l\u1ec7nh_ki\u1ec3m_tra_t\u1ef1_\u0111\u1ed9ng\"><strong>Method 1. Run the automatic check command<\/strong><\/h3>\n\n\n\n<p>Copy the whole command below and paste it into the VPS terminal; it will check and update php if your Directadmin VPS is using php-fpm. 
If php-fpm is not in use, the command will not update php.<br>Updating php with custombuild on Directadmin takes about 30 minutes to 1 hour; please keep the <a href=\"https:\/\/tino.vn\/blog\/ssh-la-gi\/\" data-type=\"post\" data-id=\"15917\">SSH connection<\/a> to the VPS open while it updates.<br>Note: custombuild only works reliably on VPS servers with 2GB of RAM or more; for VPS servers with less than 2GB of RAM, please upgrade the RAM before running the update command.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Quote the pattern so the shell does not glob-expand it; systemctl matches it against unit names\nif systemctl is-active --quiet 'php-fpm*'; then\n    echo -e \"\\nPhat hien tien trinh php-fpm, chuan bi cap nhat sau 10s\u2026\\n\"\n    sleep 10\n    # Rebuild PHP with Directadmin's custombuild; abort if the directory is missing\n    cd \/usr\/local\/directadmin\/custombuild || exit 1\n    .\/build update\n    .\/build php n\n    .\/build rewrite_confs\nelse\n    echo \"Khong phat hien php-fpm , Thoat chuong trinh\"\nfi<\/code><\/pre>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"800\" height=\"258\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-2.png\" alt=\"\" class=\"wp-image-39712\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-2.png 800w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-2-300x97.png 300w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-2-768x248.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><figcaption class=\"wp-element-caption\">Screenshot of running the command.<\/figcaption><\/figure>\n<\/div>\n\n\n<h3 
id=\"C\u00e1ch_2:__ki\u1ec3m_tra_v\u00e0_c\u1eadp_nh\u1eadt_th\u1ee7_c\u00f4ng_Directadmin\"><strong>Method 2: check and update Directadmin manually<\/strong><\/h3>\n\n\n\n<p>To check whether the VPS is running php-fpm, use the following command:<br><em><strong>ps aux | grep php-fpm | grep process<\/strong><\/em><\/p>\n\n\n\n<p>If nothing is shown, you are not using php-fpm and do not need to update; if output is shown, your VPS is using php-fpm.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" width=\"1024\" height=\"144\" src=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1-1024x144.png\" alt=\"\" class=\"wp-image-39710\" title=\"\" srcset=\"https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1-1024x144.png 1024w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1-300x42.png 300w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1-768x108.png 768w, https:\/\/tino.vn\/blog\/wp-content\/uploads\/2021\/10\/image-1.png 1145w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Directadmin VPS running php-fpm<\/figcaption><\/figure>\n<\/div>\n\n\n<p>You can update php-fpm manually with the following commands:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/usr\/local\/directadmin\/custombuild\n.\/build update\n.\/build php n\n.\/build rewrite_confs<\/code><\/pre>\n\n\n\n<p>We hope you get the php fix applied successfully soon!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>PHP-FPM root privilege escalation 
vulnerability (CVE-2021-21703) PHP-FPM (FastCGI Process Manager) is a PHP interpreter used when serving websites on a web server. PHP-FPM grew out of an extension of CGI. PHP-FPM optimizes how web servers process requests and lets them handle [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":79486,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7377],"tags":[6187],"class_list":["post-39705","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-loi-thuong-gap","tag-ho-tro-developer"],"_links":{"self":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/posts\/39705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/comments?post=39705"}],"version-history":[{"count":1,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/posts\/39705\/revisions"}],"predecessor-version":[{"id":114759,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/posts\/39705\/revisions\/114759"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/media\/79486"}],"wp:attachment":[{"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/media?parent=39705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/categories?post=39705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tino.vn\/blog\/wp-json\/wp\/v2\/tags?post=39705"}],"cu
ries":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}