This bug was fixed in the package numactl - 2.0.9~rc5-1ubuntu3.14.04.1
---
numactl (2.0.9~rc5-1ubuntu3.14.04.1) trusty-proposed; urgency=medium
* d/p/libnuma-ppc64el-cpu-number-not-contiguous - patch from Thierry FAUCK
(LP: #1358835)
*
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to numactl in Ubuntu.
https://bugs.launchpad.net/bugs/1441388
Title:
numactl crashes with segfault
To manage
This bug was fixed in the package numactl - 2.0.9~rc5-1ubuntu3.14.10.1
---
numactl (2.0.9~rc5-1ubuntu3.14.10.1) utopic-proposed; urgency=medium
* d/p/libnuma-ppc64el-cpu-number-not-contiguous - patch from Thierry FAUCK
(LP: #1358835)
*
I have tested both the 14.04 and 14.10 packages [1], and they work
great.
Splendid work, Chris!
-- [1]
http://archive.ubuntu.com/ubuntu/pool/universe/n/numactl/numactl_2.0.9~rc5-1ubuntu3.14.04.1_amd64.deb
Hello Daniel, or anyone else affected,
Accepted numactl into trusty-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/numactl/2.0.9~rc5-1ubuntu3.14.04.1
in a few hours, and then in the -proposed repository.
Please help us by testing this new package.
** Also affects: numactl (Ubuntu Utopic)
Importance: Undecided
Status: New
** Also affects: numactl (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: numactl (Ubuntu)
Importance: Undecided = High
** Changed in: numactl (Ubuntu Trusty)
Importance:
Do you know if a CVE has been assigned to this issue? I don't directly
see how it could be used to cross privilege boundaries. Is there
something I've missed?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to numactl in Ubuntu.
A CVE hasn't been assigned.
Presumably an attacker could manipulate the environment before an
application's libnuma call to have the uninitialised pointer point to
information in memory they'd like to extract, or cause a denial.
If an application that gained privileges (capabilities, setuid etc)
I've attached the debdiff with the fix.
** Patch added: debdiff with upstream fix
https://bugs.launchpad.net/ubuntu/+source/numactl/+bug/1441388/+attachment/4369005/+files/numactl_2.0.9%7Erc5-1ubuntu4.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server
The attachment debdiff with upstream fix seems to be a debdiff. The
ubuntu-sponsors team has been subscribed to the bug report so that they
can review and hopefully sponsor the debdiff. If the attachment isn't a
patch, please remove the patch flag from the attachment, remove the
patch tag, and
10 matches
Mail list logo