Control: tag -1 - security On Sun, 2013-08-25 at 00:37 +0200, Vincent Lefevre wrote: > Package: initramfs-tools > Version: 0.113 > Severity: important > Tags: security > > I've noticed that when running update-initramfs, a core dump was > generated in the current directory, which is in itself a first bug. > > After looking at this problem with strace, I saw that this came from: > > /usr/bin/ldd /lib/firmware/cis/PCMLM28.cis > > apparently via mkinitramfs. The strace output shows: > > 23190 execve("/libx32/ld-linux-x32.so.2", ["/libx32/ld-linux-x32.so.2"], [/* > 115 vars */]) = 0 > 23190 syscall_1073741836(0, 0, 0x4000000c, 0xbfebfbff, 0x37f, 0x64, 0x1000, > 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, > 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, > 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000) = -1 (errno 38) > 23190 syscall_1073742340(0x2, 0xfffbaa70, 0x1, 0xbfebfbff, 0xf77b0a3e, > 0xf776d8cc, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, > 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, > 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, > 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, 0xf776ef7d, > 0xf776ef7d, 0xf776ef7d, 0xf776ef7d) = -1 (errno 38) > 23190 syscall_1073742055(0x7f, 0x4000003c, 0x7f, 0xbfebfbff, 0x400000e7, > 0xf776d8cc, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, > 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7) = -1 (errno > 38) > 23190 syscall_1073741884(0x7f, 0x4000003c, 0x7f, 0xbfebfbff, 0x400000e7, > 0xf776d8cc, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, > 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7, 0x7) = -1 (errno > 38) > 23190 --- SIGSEGV (Segmentation fault) @ 0 (0) --- > > I wonder whether it may be a security bug. /libx32 is not necessarily > a standard directory, and could for instance be NFS mounted, [...]
What? It belongs to glibc; $ dpkg -S /libx32 libc6-x32: /libx32 Ben. -- Ben Hutchings Never put off till tomorrow what you can avoid all together.
signature.asc
Description: This is a digitally signed message part