[Bug 909695] New: segmentation fault after pack & ioctl & unpack
http://bugzilla.suse.com/show_bug.cgi?id=909695 Bug ID: 909695 Summary: segmentation fault after pack & ioctl & unpack Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Ruby Assignee: ruby-devel@suse.de Reporter: bkutil@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- This snippet (requires sudo due to ioctl call) produces a segmentation fault on the 13.2 ruby [1], affecting current ruby2.0 and ruby2.1 packages. The bug is currently tracked upstream [2], but not yet fixed, however, a patch is known to work as a fix when backported [3]. require 'socket' SIOCETHTOOL = 0x8946 i = ["lo", "\n"].pack("a16p") s = Socket.new(Socket::AF_INET, Socket::SOCK_DGRAM, 0) s.ioctl(SIOCETHTOOL, i) i.unpack("a16p")[1] [1] ruby 2.1.3p242 (2014-09-19 revision 47630) [x86_64-linux-gnu] [2] https://bugs.ruby-lang.org/issues/10568 [3] https://github.com/ruby/ruby/commit/4b146b25333c52ca4503dfc3c4215b583e8e9963 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Balazs Kutil <bkutil@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 --- Comment #1 from Balazs Kutil <bkutil@suse.com> --- Packages that contain the backported patch and updated specs are in this branch: https://build.opensuse.org/project/show/home:bkutil:branches:devel:languages... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Jordi Massaguer <jmassaguerpla@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jmassaguerpla@suse.com Assignee|ruby-devel@suse.de |jmassaguerpla@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Vincent Untz <vuntz@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vuntz@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Jordi Massaguer <jmassaguerpla@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|jmassaguerpla@suse.com |ruby-devel@suse.de -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 --- Comment #2 from Jordi Massaguer <jmassaguerpla@suse.com> --- I "untaked it" because I am going to be on xmas holidays for some days. When I am back, if anyone else has not taken it, I'll take it back. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Jordi Massaguer <jmassaguerpla@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|ruby-devel@suse.de |jmassaguerpla@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 --- Comment #3 from Jordi Massaguer <jmassaguerpla@suse.com> --- @balazs: Please do a submit request to devel:languages:ruby . I've just done one for openSUSE:13.2:Update with the patch. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Jordi Massaguer <jmassaguerpla@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bkutil@suse.com Flags| |needinfo?(bkutil@suse.com) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Jordi Massaguer <jmassaguerpla@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Jordi Massaguer <jmassaguerpla@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mrueckert@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 --- Comment #6 from Jordi Massaguer <jmassaguerpla@suse.com> --- Latest patch: https://bugs.ruby-lang.org/attachments/download/4936/ruby-2.1-rb-str-associa... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 --- Comment #7 from Jordi Massaguer <jmassaguerpla@suse.com> --- even the patch has been backported to ruby 2.1 and ruby 2.0 branch, there not seems that upstream has released yet a verions with those patches. https://bugs.ruby-lang.org/issues/10568 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |maint:planned:update -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|maint:planned:update |maint:planned:update | |ibs:running:4483:important -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 http://bugzilla.suse.com/show_bug.cgi?id=909695#c11 --- Comment #11 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2017:1067-1: An update that solves 5 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1014863,1018808,887877,909695,926974,936032,959495,986630 CVE References: CVE-2014-4975,CVE-2015-1855,CVE-2015-3900,CVE-2015-7551,CVE-2016-2339 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): ruby2.1-2.1.9-15.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): ruby2.1-2.1.9-15.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): ruby2.1-2.1.9-15.1 SUSE Linux Enterprise Server 12-SP2 (src): ruby2.1-2.1.9-15.1 SUSE Linux Enterprise Server 12-SP1 (src): ruby2.1-2.1.9-15.1 SUSE Linux Enterprise Desktop 12-SP2 (src): ruby2.1-2.1.9-15.1 SUSE Linux Enterprise Desktop 12-SP1 (src): ruby2.1-2.1.9-15.1 OpenStack Cloud Magnum Orchestration 7 (src): ruby2.1-2.1.9-15.1 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|maint:planned:update | |ibs:running:4483:important | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=909695 http://bugzilla.suse.com/show_bug.cgi?id=909695#c12 --- Comment #12 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2017:1128-1: An update that solves 5 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1014863,1018808,887877,909695,926974,936032,959495,986630 CVE References: CVE-2014-4975,CVE-2015-1855,CVE-2015-3900,CVE-2015-7551,CVE-2016-2339 Sources used: openSUSE Leap 42.2 (src): ruby2.1-2.1.9-8.3.2 openSUSE Leap 42.1 (src): ruby2.1-2.1.9-10.2 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com