The following commit landed upstream that at least intends to fix the
bug outlined here, even though it does not enable proper auditing for
x32.
commit a3c54931199565930d6d84f4c3456f6440aefd41
Author: Andy Lutomirski <l...@amacapital.net>
Date: Wed May 28 23:09:58 2014 -0400
auditsc: audit_krule mask accesses need bounds checking
Fixes an easy DoS and possible information disclosure.
This does nothing about the broken state of x32 auditing.
eparis: If the admin has enabled auditd and has specifically loaded
audit rules. This bug has been around since before git. Wow...
Cc: sta...@vger.kernel.org
Signed-off-by: Andy Lutomirski <l...@amacapital.net>
Signed-off-by: Eric Paris <epa...@redhat.com>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1302605
Title:
Calls to /libx32/ld-linux-x32.so.2 hang when using auditd
Status in “linux” package in Ubuntu:
Confirmed
Status in “linux” source package in Trusty:
New
Bug description:
I'm running trusty on a bunch of machines, doing frequent dist-
upgrades. My hosts have gcc-multilib installed.
Yesterday, I noticed that initramfs generation was hanging. Today I
investigated further and found out that what was hanging were the
calls to /libx32/ld-linux-x32.so.2.
This is triggered in initramfs generation because there are at some
hooks that incorrectly use copy_exec to copy shell scripts into the
initramfs image. In a working machine, when ldd encounters a shell
script, it will first call the 64bit linker and since it fails, it
will then call the 32bit linker which will also fail.
However, in a machine affected by this bug, the second call will hang
forever, preventing new image generation, and package updates in
general, when this happens as a trigger for update-initramfs.
Originally I thought this was related to the kernel version, since I
was unable to reproduce in a freshly installed machine running -22 and
was reproducing it in a machine running -20, but now I'm also
reproducing it in a machine running -22, so it must be something else.
I'm sorry I can't provide the exact cause right now, but I think it's
worth noting that in some situation there might be a problem, and try
to find out which those situations are.
I now have one host running 3.13.0-22-generic, with
libc6-x32=2.19-0ubuntu3, where doing ldd /usr/bin/ldd hangs, and
another host, with the exact same kernel and libc6-x32 version where
doing ldd /usr/bin/ldd produces the expected error message (not a
dynamic executable). The main difference is that the first one was
installed yesterday and the second one was installed today. Both are
dist-upgraded to the latest version of everything.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1302605/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
