April 2024 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1223069] New: earlyoom 1.8-1.1 crashes if started with priority flag (-p)
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223069 Bug ID: 1223069 Summary: earlyoom 1.8-1.1 crashes if started with priority flag (-p) Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs(a)suse.de Reporter: db(a)mail25.net QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- OS: Tumbleweed 20240416 earlyoom version: 1.8-1.1 After updating today I noticed that earlyoom crashes: > bal. 18 10:40:50 earlyoom[13343]: earlyoom 1.8 > bal. 18 10:40:50 earlyoom[13343]: Notifying through D-Bus > bal. 18 10:40:50 earlyoom[13343]: Preferring to kill process names that match regex '(^|/)(java|Isolated Web Co|Web Content|WebExtensions|firefox|chrome|opera|falkon|ffmpeg|vlc|mpv|akregator|thumbnail.so)$' > bal. 18 10:40:50 earlyoom[13343]: Will avoid killing process names that match regex '(^|/)(systemd|Xorg|X|Xwayland|xdm|sddm|kdm|gdm|lightdm|plasmashell|kwin_wayland|kwin_x11|ssh|yast|yast2|y2controlcenter|zypper|rpm|dnf)$' > bal. 18 10:40:50 systemd[1]: Started Process Core Dump (PID 13344/UID 0). > bal. 18 10:40:50 systemd-coredump[13345]: [🡕] Process 13343 (earlyoom) of user 61876 dumped core. > > Stack trace of thread 13343: > #0 0x00007f260bb07b5b setpriority (libc.so.6 + 0x107b5b) > #1 0x000055845a69a161 n/a (earlyoom + 0x3161) > #2 0x00007f260ba2a1f0 __libc_start_call_main (libc.so.6 + 0x2a1f0) > #3 0x00007f260ba2a2b9 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x2a2b9) > #4 0x000055845a69a3b5 n/a (earlyoom + 0x33b5) > ELF object binary architecture: AMD x86-64 > bal. 18 10:40:50 systemd[1]: earlyoom.service: Main process exited, code=dumped, status=31/SYS > bal. 18 10:40:50 systemd[1]: earlyoom.service: Failed with result 'core-dump'. From the stack trace it has something to do with the setpriority function, earlyoom has a flag -p to increase it's priority, from the man page: > -p > Increase earlyoom’s priority: set niceness of earlyoom to -20 and oom_score_adj to -100. > > When earlyoom is run through its default systemd service, the -p switch doesn’t work. To achieve the same effect, enter the following three lines into sudo systemctl edit earlyoom: > > [Service] > OOMScoreAdjust=-100 > Nice=-20 My config in /etc/sysconfig/earlyoom had -p: > EARLYOOM_ARGS="-r 0 -M 524288 -s 10 -n -p --avoid '(^|/)(systemd|Xorg|X|Xwayland|xdm|sddm|kdm|gdm|lightdm|plasmashell|kwin_wayland|kwin_x11|ssh|yast|yast2|y2controlcenter|zypper|rpm|dnf)$' --prefer '(^|/)(java|Isolated\ Web\ Co|Web\ Content|WebExtensions|firefox|chrome|opera|falkon|ffmpeg|vlc|mpv|akregator|thumbnail.so)$'" After removing the -p flag the service starts and since the systemd service config already contains the niceness and OOM score adjustments I guess this flag isn't really needed. -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1223071] New: earlyoom 1.8-1.1 systemd service hardening incorrect value for IPAddressDeny
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223071 Bug ID: 1223071 Summary: earlyoom 1.8-1.1 systemd service hardening incorrect value for IPAddressDeny Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs(a)suse.de Reporter: db(a)mail25.net QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- I've noticed earlyoom 1.8-1.1 received new hardening options in it's systemd service configuration but the IPAddressDeny seems to have an incorrect value. From the logs: > bal. 18 10:58:40 systemd[1]: /usr/lib/systemd/system/earlyoom.service:41: Invalid address prefix is specified in [Service] IPAddressDeny=, ignoring assignment: true Right now it's IPAddressDeny=true but it's not a boolean, it should be a list of IPv4 and/or IPv6 addresses (or one of the symbolic names) as according to https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-co… I believe it should be IPAddressDeny=any since I don't think earlyoom needs any network access. -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1215462] New: drbd.service: Failed at step EXEC spawning /lib/drbd/scripts/drbd: No such file or directory
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1215462 Bug ID: 1215462 Summary: drbd.service: Failed at step EXEC spawning /lib/drbd/scripts/drbd: No such file or directory Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Virtualization:Tools Assignee: virt-bugs(a)suse.de Reporter: nsinger(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- With the drbd-utils update to 9.19.0 on Mon Oct 11 09:43:25 UTC 2021 the /lib/drbd/scripts/drbd directory was moved to /usr (see line#130 in https://build.opensuse.org/package/view_file/network:ha-clustering:Factory/…). Soon later a fix for bsc#1203220 was introduced because drbd.service now fails with `drbd.service: Failed at step EXEC spawning /lib/drbd/scripts/drbd: No such file or directory` and a symlink to /usr was created. Apparently this fix never made it into Leap15.4 backports: ``` osiris-1:~ # cat /etc/os-release NAME="openSUSE Leap" VERSION="15.4" ID="opensuse-leap" ID_LIKE="suse opensuse" VERSION_ID="15.4" PRETTY_NAME="openSUSE Leap 15.4" ANSI_COLOR="0;32" CPE_NAME="cpe:/o:opensuse:leap:15.4" BUG_REPORT_URL="https://bugs.opensuse.org" HOME_URL="https://www.opensuse.org/" DOCUMENTATION_URL="https://en.opensuse.org/Portal:Leap" LOGO="distributor-logo-Leap" osiris-1:~ # LC_ALL=c zypper info drbd-utils Retrieving repository 'Update repository with updates from SUSE Linux Enterprise 15' metadata ......................................................................................................................................[done] Building repository 'Update repository with updates from SUSE Linux Enterprise 15' cache ...........................................................................................................................................[done] Loading repository data... Reading installed packages... Information for package drbd-utils: ----------------------------------- Repository : Update repository with updates from SUSE Linux Enterprise 15 Name : drbd-utils Version : 9.19.0-150400.3.17.1 Arch : x86_64 Vendor : SUSE LLC <https://www.suse.com/> Installed Size : 1.9 MiB Installed : Yes Status : up-to-date Source package : drbd-utils-9.19.0-150400.3.17.1.src Upstream URL : http://www.drbd.org/ Summary : Distributed Replicated Block Device Description : Drbd is a distributed replicated block device. It mirrors a block device over the network to another machine. Think of it as networked raid 1. It is a building block for setting up clusters. ``` Workaround: `mkdir -p /lib/drbd/ && ln -s /usr/lib/drbd/scripts /lib/drbd/scripts` -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1218679] New: VUL-0: CVE-2022-36764: EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of con ...
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218679 Bug ID: 1218679 Summary: VUL-0: CVE-2022-36764: EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of con ... Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/390489/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36764 https://www.cve.org/CVERecord?id=CVE-2022-36764 https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j -- You are receiving this mail because: You are on the CC list for the bug.

1 14

[Bug 1218680] New: VUL-0: CVE-2022-36765: EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise ...
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218680 Bug ID: 1218680 Summary: VUL-0: CVE-2022-36765: EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise ... Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/390490/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36765 https://www.cve.org/CVERecord?id=CVE-2022-36765 https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx -- You are receiving this mail because: You are on the CC list for the bug.

1 9

[Bug 1218879] New: VUL-0: CVE-2023-45229: ovmf: edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218879 Bug ID: 1218879 Summary: VUL-0: CVE-2023-45229: ovmf: edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/391330/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45229 https://seclists.org/oss-sec/2024/q1/25 https://www.cve.org/CVERecord?id=CVE-2023-45229 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h http://www.openwall.com/lists/oss-security/2024/01/16/2 https://bugzilla.redhat.com/show_bug.cgi?id=2258677 -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 1218880] New: VUL-0: CVE-2023-45230: edk2, ovmf: Buffer overflow in the DHCPv6 client via a long Server ID option
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218880 Bug ID: 1218880 Summary: VUL-0: CVE-2023-45230: edk2, ovmf: Buffer overflow in the DHCPv6 client via a long Server ID option Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/391378/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45230 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h https://www.cve.org/CVERecord?id=CVE-2023-45230 http://www.openwall.com/lists/oss-security/2024/01/16/2 https://bugzilla.redhat.com/show_bug.cgi?id=2258685 -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1218881] New: VUL-0: CVE-2023-45231: edk2,ovmf: Out of Bounds read when handling a ND Redirect message with truncated options
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218881 Bug ID: 1218881 Summary: VUL-0: CVE-2023-45231: edk2,ovmf: Out of Bounds read when handling a ND Redirect message with truncated options Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/391379/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45231 https://www.cve.org/CVERecord?id=CVE-2023-45231 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h http://www.openwall.com/lists/oss-security/2024/01/16/2 https://bugzilla.redhat.com/show_bug.cgi?id=2258688 -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1218882] New: VUL-0: CVE-2023-45232: edk2, ovmf: Infinite loop when parsing unknown options in the Destination Options header
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218882 Bug ID: 1218882 Summary: VUL-0: CVE-2023-45232: edk2, ovmf: Infinite loop when parsing unknown options in the Destination Options header Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/391380/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45232 https://www.cve.org/CVERecord?id=CVE-2023-45232 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h http://www.openwall.com/lists/oss-security/2024/01/16/2 https://bugzilla.redhat.com/show_bug.cgi?id=2258691 -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1218883] New: VUL-0: CVE-2023-45233: ovmf: edk2: Infinite loop when parsing a PadN option in the Destination Options header
by bugzilla_noreply＠suse.com 17 May '24

17 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218883 Bug ID: 1218883 Summary: VUL-0: CVE-2023-45233: ovmf: edk2: Infinite loop when parsing a PadN option in the Destination Options header Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/391381/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: guillaume.gardet(a)opensuse.org Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: stoyan.manolov(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-45233 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h https://www.cve.org/CVERecord?id=CVE-2023-45233 http://www.openwall.com/lists/oss-security/2024/01/16/2 https://bugzilla.redhat.com/show_bug.cgi?id=2258694 -- You are receiving this mail because: You are on the CC list for the bug.

1 5