Public bug reported: == SRU Justification Focal ==
zfs mount -a when run on a nonempty mountpoint causes a double free, memory corruption, and a segfault. == Impact == Double free and memory corruption in ZFS when run as root and attempting to mount all. While running this I observed other ZFS volumes randomly unmounting, and mount points owner being spuriously zeroed (set to root). == Fix == https://github.com/openzfs/zfs/commit/d1b84da8c1a69c084f04b504beefe804591bca07 == Test == Steps are laid out in the ZFS issue: https://github.com/openzfs/zfs/issues/9560 == Regression Potential == Limited to the behavior of zfs mount when a previous attempt to mount has failed, or is still in progress. Changes the behavior in that case to failure, instead of double-free. Example case of running into this bug, with dmesg: https://pastebin.com/YRXW8WgM $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 20.04.1 LTS Release: 20.04 Codename: focal $ apt-cache policy zfsutils-linux zfsutils-linux: Installed: 0.8.3-1ubuntu12.4 Candidate: 0.8.3-1ubuntu12.4 Version table: *** 0.8.3-1ubuntu12.4 500 500 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 0.8.3-1ubuntu12 500 500 http://us.archive.ubuntu.com/ubuntu focal/main amd64 Packages ** Affects: zfs-linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1902588 Title: zfs mount -a: double free / memory corruption / segfault when mountpoint of dataset is not empty To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1902588/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
