[Bug 2069821] Re: [VROC] [Ub 24.04] mdadm: buffer overflow detected

Launchpad Bug Tracker 2069821 at bugs.launchpad.net
Thu Sep 26 18:18:17 UTC 2024 

This bug was fixed in the package mdadm - 4.3-1ubuntu2.1

---------------
mdadm (4.3-1ubuntu2.1) noble; urgency=medium

  * mdadm: wait for mdmon when it is started via systemd (LP: #2070371)
    - d/p/lp2070371-0001-util.c-change-devnm-to-const-in-mdmon-functions.patch
    - d/p/lp2070371-0002-Wait-for-mdmon-when-it-is-stared-via-systemd.patch
  * mdadm: buffer overflow detected (LP: #2069821)
    - d/p/lp2069821-0001-mdadm-platform-intel-buffer-overflow-detected.patch

 -- Hector Cao <hector.cao at canonical.com>  Mon, 29 Jul 2024 10:06:31
+0200

** Changed in: mdadm (Ubuntu Noble)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mdadm in Ubuntu.
https://bugs.launchpad.net/bugs/2069821

Title:
  [VROC] [Ub 24.04] mdadm: buffer overflow detected

Status in mdadm package in Ubuntu:
  Fix Released
Status in mdadm source package in Noble:
  Fix Released
Status in mdadm source package in Oracular:
  Fix Released

Bug description:
  [ Impact ]

  mdadm crashes sporadically with error *** buffer overflow detected ***
  at some invokations:

  - mdadm --detail-pl
  - mdadm -CR /dev/md0 -l1 -n2 /dev/nvme0n1 /dev/nvme1n1
  *** buffer overflow detected ***: terminated
  Aborted (core dumped)

  [ Test Plan ]

  - Install mdadm
  - Issue this command several times:
  mdadm --detail-pl

  [ Where problems could occur ]

  The fix is very small and basically it replaces the unsafe functions call
  to sprintf by calling snprintf for Intel platforms (platform_intel.c)
  I do not expect high regression risk.

  [ Other Info ]

  mdadm is built with FORTIFY_SOURCE=3 (as it is done in Ubuntu 24.04).
  and it uses the unsafe function sprintf() that will cause the
  buffer-overflow error

  It is fixed in mdadm upstream:
  https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=827e1870f320545796d907f50af594e901399417

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/2069821/+subscriptions

More information about the foundations-bugs mailing list