Subject: potential race resulting in a fault under heavy pressure Package: libproc2-0 Source: procps X-Debbugs-Cc: [email protected] Version: 4.0.2 Severity: Important
Originally reported upstream affecting Debian Stable 12 (Bookworm) prior to 13 (Trixie) release. https://gitlab.com/procps-ng/procps/-/issues/380 Comment by has the best description: Tsukasa OI [ https://gitlab.com/procps-ng/procps/-/issues/380#note_2679799366] In simple_readproc (in library/readproc.c), it attempts to set certain > strings only if reading certain file in /proc/[PID] succeeds. > A proc_t member ruser is one of them (requires /proc/[PID]/status to be > available) and this is exported via pids.c without checking whether the > ruser is set to a non-NULL value by reading /proc/[PID]/status. However, > an attempt to open /proc/[PID]/status can fail if the process no longer > exists even if the file status is attempted to be opened using a valid open > /proc/[PID] directory handle and openat. > If the program on the other side (like ps and top) is not aware of such > NULL strings, it causes segmentation fault. Ubuntu Bug: https://bugs.launchpad.net/ubuntu/+source/procps/+bug/2120904 -- ----------------------- Dr. John Chittum Engineering Manager, Canonical, Debcrafters
