[Bug 1441388] Re: numactl crashes with segfault

Chris J Arges 1441388 at bugs.launchpad.net
Wed Jun 3 14:38:58 UTC 2015 

Hello Daniel, or anyone else affected,

Accepted numactl into trusty-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/numactl/2.0.9~rc5-1ubuntu3.14.04.1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: numactl (Ubuntu Trusty)
       Status: New => Fix Committed

** Tags added: verification-needed

** Changed in: numactl (Ubuntu Utopic)
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1441388

Title:
  numactl crashes with segfault

Status in numactl package in Ubuntu:
  Fix Released
Status in numactl source package in Trusty:
  Fix Committed
Status in numactl source package in Utopic:
  Fix Committed

Bug description:
  ===============================================================
  SRU Justification
  Impact: program crashes, may be exploitable
  Test case: "numactl --hardware" on a large system
  Regression potential: this patch only makes sure that a bitmask is in bss to initialize to 0.
  ===============================================================
  numactl sometimes crashes when enumerating hardware:

  root at node1:~# numactl --hardware
  available: 648 nodes (0-647)
  Segmentation fault

  Further analysis shows that libnuma is using an uninitialised pointer,
  which value depends on program layout. When layout is sufficiently
  different, the pointer is non-NULL and the library parses the data
  pointed to as a bitmap, crashing.

  Therefore, it is possible to leverage this in an exploit.

  I have fixed the issue upstream:
  https://github.com/numactl/numactl/commit/6a7c2cf3f00e32082a1ada300cc585740e2b4bbd

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/numactl/+bug/1441388/+subscriptions

More information about the Ubuntu-sponsors mailing list