** Description changed: + [ Impact ] + + There is currently a bug in tcpdump causing it to segfault on Noble + machines and newer. + + The bug has been fixed in debian upstream here: + https://salsa.debian.org/debian/tcpdump/-/blob/master/debian/patches/drop- + privs-after-opening-savefile.diff + + There is also a discussion about it on the debian bug tracker: + https://bugs.debian.org/935112 + + [ Test Plan ] + + Make sure you are on a noble machine or newer. + To reproduce the issue simply run the following command: + + $ sudo tcpdump -Z root -ni lo -w /tmp/lo.pcap + + Note that running it with sudo or being in a root shell is a requirement to trigger the crash. + You will see the following when reproducing the crash: + ``` + ghadi@XPS-17-9720 ~ » sudo tcpdump -Z root -ni lo -w /tmp/lo.pcap + [1] 1250151 segmentation fault sudo tcpdump -Z root -ni lo -w /tmp/lo.pcap + ``` + + [ Where problems could occur ] + + Since the patch makes sure that the username is valid before changing + ownership, a possible regression might be that tcpdump fails to run due + to permission issues, or that it still segfaults due to other checks + that might be required. + + + [ Original Description ] Reproduce: As root (sudo sh) do: # tcpdump -Z root -ni lo -w /tmp/lo.pcap Segmentation fault (core dumped) ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: tcpdump 4.99.4-3ubuntu4 ProcVersionSignature: Ubuntu 6.8.0-36.36-generic 6.8.4 Uname: Linux 6.8.0-36-generic x86_64 ApportVersion: 2.28.1-0ubuntu3 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Thu Jul 4 08:47:14 2024 InstallationDate: Installed on 2024-04-25 (69 days ago) InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Release amd64 (20240424) ProcEnviron: - LANG=en_US.UTF-8 - PATH=(custom, no user) - SHELL=/bin/bash - TERM=xterm - XDG_RUNTIME_DIR=<set> + LANG=en_US.UTF-8 + PATH=(custom, no user) + SHELL=/bin/bash + TERM=xterm + XDG_RUNTIME_DIR=<set> SourcePackage: tcpdump UpgradeStatus: No upgrade log present (probably fresh install)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2071891 Title: tcpdump segv if -Z and -w is specified To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/2071891/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
