Package: clamav-daemon Version: 0.100.0+dfsg-0+deb9u2 Severity: critical Justification: breaks the whole system
Dear Maintainer, After a recent apt upgrade, within a few minutes, my system started locking up. A reboot would buy me about 2 minutes of working time before it locked up again. I noted the following in the logs that seemed to correspond: clamd (28514): Using fanotify permission checks may lead to deadlock; tainting kernel and shortly thereafter INFO: task clamd:28512 blocked for more than 120 seconds. This seemed to be causing some kind of deadlock as described in the first error, since other programs would go into forever wait mode waiting on I/O (ie: blocking I/O). The other programs could not be kill -9'd. service clamav-daemon stop == system instantly returned to stability. I downgraded to 0.99.4+dfsg-1+deb9u1 and system remains stable as it had been heretofore. I suspect this is related to my use of ScanOnAccess true, but not sure. The only thing I think that is otherwise unusual about my system is that I do not use SystemD nor any major GUI environment (simple IceWM setup). Otherwise, I run a pretty stripped down setup, with as few running processes as possible. I have already downgraded, so you may see incorrectly some versions in the included data of 0.99.4+dfsg-1+deb9u1. 0.99.4+dfsg-1+deb9u1 is the stable version. It is the 0.100.0+dfsg-0+deb9u2 version that is broken. -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf ----------------------- LogFile = "/var/log/clamav/clamav.log" StatsHostID = "auto" StatsEnabled disabled StatsPEDisabled = "yes" StatsTimeout = "10" LogFileUnlock disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogClean disabled LogSyslog = "yes" LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" ExtendedDetectionInfo = "yes" PidFile disabled TemporaryDirectory disabled DatabaseDirectory = "/var/lib/clamav" OfficialDatabaseOnly disabled LocalSocket = "/var/run/clamav/clamd.ctl" LocalSocketGroup = "clamav" LocalSocketMode = "666" FixStaleSocket = "yes" TCPSocket disabled TCPAddr disabled MaxConnectionQueueLength = "15" StreamMaxLength = "26214400" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "5" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" DisableCache disabled VirusEvent disabled ExitOnOOM disabled AllowAllMatchScan = "yes" Foreground disabled Debug disabled LeaveTemporaryFiles disabled User = "root" Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "60000" BytecodeUnsigned disabled BytecodeMode = "Auto" DetectPUA disabled ExcludePUA disabled IncludePUA disabled AlgorithmicDetection = "yes" ScanPE = "yes" ScanELF = "yes" DetectBrokenExecutables disabled ScanMail = "yes" ScanPartialMessages disabled PhishingSignatures = "yes" PhishingScanURLs = "yes" PhishingAlwaysBlockCloak disabled PhishingAlwaysBlockSSLMismatch disabled PartitionIntersection disabled HeuristicScanPrecedence disabled StructuredDataDetection disabled StructuredMinCreditCardCount = "3" StructuredMinSSNCount = "3" StructuredSSNFormatNormal = "yes" StructuredSSNFormatStripped disabled ScanHTML = "yes" ScanOLE2 = "yes" OLE2BlockMacros disabled ScanPDF = "yes" ScanSWF = "yes" ScanXMLDOCS = "yes" ScanHWP3 = "yes" ScanArchive = "yes" ArchiveBlockEncrypted disabled ForceToDisk disabled MaxScanSize = "104857600" MaxFileSize = "26214400" MaxRecursion = "16" MaxFiles = "10000" MaxEmbeddedPE = "10485760" MaxHTMLNormalize = "10485760" MaxHTMLNoTags = "2097152" MaxScriptNormalize = "5242880" MaxZipTypeRcg = "1048576" MaxPartitions = "50" MaxIconsPE = "100" MaxRecHWP3 = "16" PCREMatchLimit = "10000" PCRERecMatchLimit = "5000" PCREMaxFileSize = "26214400" ScanOnAccess = "yes" OnAccessMountPath disabled OnAccessIncludePath = "/tmp", "/home", "/root" OnAccessExcludePath disabled OnAccessExcludeUID disabled OnAccessMaxFileSize = "5242880" OnAccessDisableDDD disabled OnAccessPrevention = "yes" OnAccessExtraScanning disabled DevACOnly disabled DevACDepth disabled DevPerformance disabled DevLiblog disabled DisableCertCheck disabled Config file: freshclam.conf --------------------------- StatsHostID disabled StatsEnabled disabled StatsTimeout disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" PidFile disabled DatabaseDirectory = "/var/lib/clamav" Foreground disabled Debug disabled UpdateLogFile = "/var/log/clamav/freshclam.log" DatabaseOwner = "clamav" Checks = "24" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net", "database.clamav.net" PrivateMirror disabled MaxAttempts = "5" ScriptedUpdates = "yes" TestDatabases = "yes" CompressLocalDatabase disabled ExtraDatabase disabled DatabaseCustomURL disabled HTTPProxyServer disabled HTTPProxyPort disabled HTTPProxyUsername disabled HTTPProxyPassword disabled HTTPUserAgent disabled NotifyClamd = "/etc/clamav/clamd.conf" OnUpdateExecute disabled OnErrorExecute disabled OnOutdatedExecute disabled LocalIPAddress disabled ConnectTimeout = "30" ReceiveTimeout = "30" SubmitDetectionStats disabled DetectionStatsCountry disabled DetectionStatsHostID disabled SafeBrowsing disabled Bytecode = "yes" clamav-milter.conf not found Software settings ----------------- Version: 0.100.0 WARNING: Version mismatch: libclamav=0.100.0, clamconf=0.99.4 Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE ICONV JSON JIT Database information -------------------- Database directory: /var/lib/clamav [3rd Party] spamattach.hdb: 14 sigs [3rd Party] jurlbl.ndb: 14038 sigs [3rd Party] bofhland_phishing_URL.ndb: 24 sigs [3rd Party] winnow_malware_links.ndb: 4623 sigs main.cvd: version 58, sigs: 4566249, built on Wed Jun 7 14:38:10 2017 [3rd Party] rogue.hdb: 4668 sigs bytecode.cld: version 325, sigs: 90, built on Wed Jul 18 11:05:37 2018 [3rd Party] porcupine.ndb: 3306 sigs daily.cld: version 24764, sigs: 2018970, built on Thu Jul 19 10:09:32 2018 [3rd Party] junk.ndb: 56783 sigs [3rd Party] sanesecurity.ftm: 170 sigs [3rd Party] spamimg.hdb: 162 sigs [3rd Party] bofhland_cracked_URL.ndb: 26 sigs [3rd Party] winnow_extended_malware.hdb: 245 sigs [3rd Party] winnow_bad_cw.hdb: 1 sig [3rd Party] crdfam.clamav.hdb: 1 sig [3rd Party] scam.ndb: 12486 sigs [3rd Party] blurl.ndb: 61097 sigs [3rd Party] phish.ndb: 27408 sigs [3rd Party] winnow.attachments.hdb: 182 sigs [3rd Party] winnow_malware.hdb: 293 sigs [3rd Party] doppelstern.hdb: 1 sig [3rd Party] phishtank.ndb: 29898 sigs [3rd Party] bofhland_malware_attach.hdb: 1835 sigs [3rd Party] bofhland_malware_URL.ndb: 4 sigs Total number of signatures: 6802574 Platform information -------------------- uname: Linux 4.9.0-7-amd64 #1 SMP Debian 4.9.110-1 (2018-07-05) x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 Full OS version: Debian GNU/Linux 9.5 (stretch) zlib version: 1.2.8 (1.2.8), compile flags: a9 Triple: x86_64-pc-linux-gnu CPU: ivybridge, Little-endian platform id: 0x0a215b5b0806030001060300 Build information ----------------- GNU C: 6.3.0 20170516 (6.3.0) GNU C++: 6.3.0 20170516 (6.3.0) CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2 CFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-CK3UEA/clamav-0.99.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE CXXFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-CK3UEA/clamav-0.99.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 LDFLAGS: -Wl,-z,relro -Wl,-z,now -Wl,--as-needed Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-CK3UEA/clamav-0.99.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-CK3UEA/clamav-0.99.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld' '-with-system-llvm=/usr/bin/llvm-config' '--with-llvm-linking=dynami c' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu' sizeof(void*) = 8 Engine flevel: 91, dconf: 91 --- data dir --- total 287532 -rw-r--r-- 1 clamav clamav 10127922 Jul 19 12:15 blurl.ndb -rw-r--r-- 1 clamav clamav 2384 Jul 19 08:03 bofhland_cracked_URL.ndb -rw-r--r-- 1 clamav clamav 546 Jul 19 08:03 bofhland_malware_URL.ndb -rw-r--r-- 1 clamav clamav 106188 Jan 12 2018 bofhland_malware_attach.hdb -rw-r--r-- 1 clamav clamav 3252 Jul 19 08:03 bofhland_phishing_URL.ndb -rw-r--r-- 1 clamav clamav 950272 Jul 19 13:11 bytecode.cld -rw-r--r-- 1 clamav clamav 82 Jul 13 2016 crdfam.clamav.hdb -rw-r--r-- 1 clamav clamav 144614400 Jul 19 13:11 daily.cld -rw-r--r-- 1 clamav clamav 65 Jul 26 2013 doppelstern.hdb -rw-r--r-- 1 clamav clamav 7114765 Jul 18 01:22 junk.ndb -rw-r--r-- 1 clamav clamav 1682782 Jul 19 12:15 jurlbl.ndb -rw-r--r-- 1 clamav clamav 117892267 Jan 12 2018 main.cvd -rw------- 1 clamav clamav 1248 Jul 19 13:11 mirrors.dat -rw-r--r-- 1 clamav clamav 4040464 Jul 18 08:17 phish.ndb -rw-r--r-- 1 clamav clamav 4490319 Jul 19 10:01 phishtank.ndb -rw-r--r-- 1 clamav clamav 354219 Jul 19 08:01 porcupine.ndb -rw-r--r-- 1 clamav clamav 509662 Jul 19 10:14 rogue.hdb -rw-r--r-- 1 clamav clamav 11098 Oct 18 2016 sanesecurity.ftm -rw-r--r-- 1 clamav clamav 1895934 Jul 17 07:18 scam.ndb -rw-r--r-- 1 clamav clamav 454 Jul 19 02:14 sigwhitelist.ign2 -rw-r--r-- 1 clamav clamav 1391 Apr 28 2017 spamattach.hdb -rw-r--r-- 1 clamav clamav 15567 Jul 17 01:15 spamimg.hdb -rw-r--r-- 1 clamav clamav 14825 Jul 16 00:28 winnow.attachments.hdb -rw-r--r-- 1 clamav clamav 66 Jan 12 2018 winnow_bad_cw.hdb -rw-r--r-- 1 clamav clamav 16271 Feb 25 16:00 winnow_extended_malware.hdb -rw-r--r-- 1 clamav clamav 18189 Mar 4 16:00 winnow_malware.hdb -rw-r--r-- 1 clamav clamav 506160 Jun 26 03:27 winnow_malware_links.ndb -- System Information: Debian Release: 9.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-7-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages clamav-daemon depends on: ii adduser 3.115 ii clamav-base 0.99.4+dfsg-1+deb9u1 ii clamav-freshclam [clamav-data] 0.99.4+dfsg-1+deb9u1 ii debconf [debconf-2.0] 1.5.61 ii dpkg 1.18.25 ii init-system-helpers 1.48 ii libc6 2.24-11+deb9u3 ii libclamav7 0.100.0+dfsg-0+deb9u2 ii libncurses5 6.0+20161126-1+deb9u2 ii libssl1.1 1.1.0f-3+deb9u2 ii libsystemd0 232-25+deb9u1 ii libtinfo5 6.0+20161126-1+deb9u2 ii lsb-base 9.20161125 ii procps 2:3.3.12-3+deb9u1 ii ucf 3.0036 ii zlib1g 1:1.2.8.dfsg-5 Versions of packages clamav-daemon recommends: pn clamdscan <none> Versions of packages clamav-daemon suggests: pn apparmor <none> pn clamav-docs <none> pn daemon <none> -- debconf-show failed