[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Launchpad Bug Tracker]

This bug was fixed in the package systemd - 229-4ubuntu11

---
systemd (229-4ubuntu11) xenial; urgency=medium

  * 73-usb-net-by-mac.rules: Split kernel command line import line.
Reportedly this makes the rule actually work on some platforms. Thanks
Alp Toker! (LP: #1593379)
  * fsckd: Do not exit on idle timeout if there are still clients connected
(Closes: #788050, LP: #1547844)
  * libnss-*.prerm: Remove possible [key=value] options from NSS modules as
well. (LP: #1625584)
  * Backport networkd 231. Compared to 229 this has a lot of fixes, some of
which we need for good netplan support. Backporting them individually
would be a lot more work and a lot less robust, and we did not use/support
networkd in 16.04 so far. Drop the other network related patches as they
are included in this backport now. (LP: #1627641)
  * debian/tests/networkd: Re-enable the the DHCPv6 tests. The DHCPv6
behaviour is fixed with the above backport now.
  * pid1: process zero-length notification messages again. Just remove the
assertion, the "n" value was not used anyway. This fixes a local DoS due
to unprocessed/unclosed fds which got introduced by the previous fix.
(LP: #1628687)
  * pid1: Robustify manager_dispatch_notify_fd(). If
manager_dispatch_notify_fd() fails and returns an error then the handling
of service notifications will be disabled entirely leading to a
compromised system. (side issue of LP: #1628687)

 -- Martin Pitt   Tue, 04 Oct 2016 21:43:04
+0200

** Changed in: systemd (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Bug Watch Updater]

** Changed in: systemd
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Launchpad Bug Tracker]

This bug was fixed in the package systemd - 231-9

---
systemd (231-9) unstable; urgency=medium

  * pid1: process zero-length notification messages again.
Just remove the assertion, the "n" value was not used anyway. This fixes
a local DoS due to unprocessed/unclosed fds which got introduced by the
previous fix. (Closes: #839171) (LP: #1628687)
  * pid1: Robustify manager_dispatch_notify_fd()
  * test/networkd-test.py: Add missing writeConfig() helper function.

 -- Martin Pitt   Thu, 29 Sep 2016 23:39:24
+0200

** Changed in: systemd (Ubuntu Yakkety)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Martin Pitt]

That initial fix just changed a DoS through assert() into a DoS through
fd exhaustion. This is being handled in
https://github.com/systemd/systemd/pull/4242 .

Please let's handle this upstream first and not put out another USN in
haste -- after all, this is just a local DoS, so far from being a
catastrophe (you can DoS the machine as user in lots of other ways).

** Changed in: systemd (Ubuntu Xenial)
   Status: Fix Released => In Progress

** Changed in: systemd (Ubuntu Yakkety)
   Status: Fix Committed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Launchpad Bug Tracker]

This bug was fixed in the package systemd - 229-4ubuntu10

---
systemd (229-4ubuntu10) xenial-security; urgency=medium

  * SECURITY UPDATE: zero-length notify message triggers abort/denial of
service
- systemd-dont_assert_on_zero_length_message-lp1628687.patch: change
  assert to simple return + log (LP: #1628687)
- Thanks to Jorge Niedbalski  for
  the patch.

 -- Steve Beattie   Wed, 28 Sep 2016 14:21:42 -0700

** Changed in: systemd (Ubuntu Xenial)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Martin Pitt]

** Bug watch added: github.com/systemd/systemd/issues #4234
   https://github.com/systemd/systemd/issues/4234

** Also affects: systemd via
   https://github.com/systemd/systemd/issues/4234
   Importance: Unknown
   Status: Unknown

** Changed in: systemd (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: systemd (Ubuntu Yakkety)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

[Bug 1628687] Re: Assertion failure when PID 1 receives a zero-length message over notify socket

[Steve Beattie]

** Also affects: systemd (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: systemd (Ubuntu Yakkety)
   Importance: Undecided
   Status: Confirmed

** Changed in: systemd (Ubuntu Xenial)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1628687

Title:
  Assertion failure when PID 1 receives a zero-length message over
  notify socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1628687/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs