Public bug reported:

Distribution: Ubuntu 16.04 x64 (Flavour: KDE Neon User Edition 5.10)

linux-image-4.4.0-81-generic appears to contain a regression, probably
related to the CVE-2017-1000364 fix backport / patch.

Using this kernel, the Oracle Java browser plugin always crashes during
stack-related actions on initialization. This means, the plugin
completely stopped working.


It works perfectly fine in linux-image-4.4.0-79-generic (vulnerable to
CVE-2017-1000364) as well as linux-image-4.11.6-041106-generic, which also
contains a fix for CVE-2017-1000364.


uname -a:

> Linux Zweiblum 4.4.0-81-generic #104-Ubuntu SMP Wed Jun 14 08:17:06 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux


I tested Oracle Java 1.8 u131 as well as 1.6 u64 in Firefox 51.0.1 as
well as Iceweasel / Firefox/3.5.16 in a chroot.

Using linux-image-4.4.0-81-generic it crashes in all combinations while
with both other kernels it works.


I was not able to obtain any detailed crash information from Firefox 51.0.1, 
but Iceweasel 3.5.16 crashed completely, allowing me to obtain a stack trace 
which shows the relation to stack operations performed by the plugin, even 
without proper debug symbols:


> (gdb) bt full
> #0  0x00007fa06d805307 in _expand_stack_to(unsigned char*) () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so
> No symbol table info available.
> #1  0x00007fa06d8053ae in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so
> No symbol table info available.
> #2  0x00007fa06d80cf0b in JVM_handle_linux_signal () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so
> No symbol table info available.
> #3  0x00007fa06d802e13 in signalHandler(int, siginfo*, void*) () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so
> No symbol table info available.
> #4  <signal handler called>


I first assumed a bug in the Java plugin, but it works fine in Linux 4.11.6.


The crash will be triggered by any applet, for example the test applet at:

* https://java.com/en/download/installed8.jsp


I'm running the Ubuntu 16.04 based KDE Neon distribution which somehow 
apparently does not allow me to use apport to report this bug:

> $ LANG= apport-cli linux-image-4.4.0-81-generic
> 
> *** Collecting problem information
> 
> The collected information can be sent to the developers to improve the
> application. This might take a few minutes.
> .........
> 
> *** Problem in linux-image-4.4.0-81-generic
> 
> The problem cannot be reported:
> 
> This is not an official KDE package. Please remove any third party package 
> and try again.

If someone can tell me how to get apport working for this package, I can
use it to collect additional information, but (unfortunately?) the
problem should be fairly easy to reproduce...

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Confirmed

** Package changed: mesa (Ubuntu) => linux (Ubuntu)

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-1000364

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1699772

Title:
  linux-image-4.4.0-81-generic Regression: Oracle Java plugin crashes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1699772/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
