Package: opensnitch-ebpf-modules Version: 1.5.9-1 Severity: important Usertags: crash Control: found -1 1.5.9-2
When starting the opensnitch service while opensnitch-ebpf-modules is installed, the opensnitch daemon crashes with the SIGSEGV error below. This does not happen with the eBPF modules not installed and proc used. I didn't provide a full backtrace because I'm not familiar with how to get Golang programs to do a core dump nor how to get a backtrace. Jun 10 13:14:30 systemd[1]: Starting opensnitch.service - OpenSnitch is a GNU/Linux application firewall.... Jun 10 13:14:30 systemd[1]: Started opensnitch.service - OpenSnitch is a GNU/Linux application firewall.. Jun 10 13:14:30 opensnitchd[3782650]: [2023-06-10 05:14:30] IMP Starting opensnitch-daemon v1.5.9 Jun 10 13:14:30 opensnitchd[3782650]: [2023-06-10 05:14:30] INF Loading rules from /etc/opensnitchd/rules ... Jun 10 13:14:30 opensnitchd[3782650]: panic: runtime error: invalid memory address or nil pointer dereference Jun 10 13:14:30 opensnitchd[3782650]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x5a37ac] Jun 10 13:14:30 opensnitchd[3782650]: goroutine 1 [running]: Jun 10 13:14:30 opensnitchd[3782650]: github.com/iovisor/gobpf/elf.(*Module).UpdateElement.func1(0x7f3faf601d08?, 0x0?, 0x7f3fd7c18108?, 0x10?, 0xc000058800?) Jun 10 13:14:30 opensnitchd[3782650]: github.com/iovisor/gobpf/elf/table.go:75 +0x2c Jun 10 13:14:30 opensnitchd[3782650]: github.com/iovisor/gobpf/elf.(*Module).UpdateElement(0xc00016a000?, 0xc?, 0x97e195?, 0xa?, 0x62?) Jun 10 13:14:30 opensnitchd[3782650]: github.com/iovisor/gobpf/elf/table.go:80 +0x59 Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/procmon/ebpf.Start() Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/procmon/ebpf/ebpf.go:95 +0x4a5 Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/procmon/monitor.Init() Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/procmon/monitor/init.go:55 +0x53 Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/procmon/monitor.ReconfigureMonitorMethod({0xc0001b26e4, 0x4}) Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/procmon/monitor/init.go:29 +0x6c Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/ui.(*Client).loadConfiguration(0xc0001b19e0, {0xc0004a2a00, 0x169, 0x200}) Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/ui/config.go:100 +0x285 Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/ui.(*Client).loadDiskConfiguration(0xc0001b19e0, 0x0) Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/ui/config.go:52 +0x10a Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/ui.NewClient({0x0, 0x0}, 0xc00070ea90, 0xc00011a5a0) Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/ui/client.go:82 +0x114 Jun 10 13:14:30 opensnitchd[3782650]: main.main() Jun 10 13:14:30 opensnitchd[3782650]: github.com/evilsocket/opensnitch/daemon/main.go:382 +0x62f Jun 10 13:14:30 systemd[1]: opensnitch.service: Main process exited, code=exited, status=2/INVALIDARGUMENT Jun 10 13:14:30 systemd[1]: opensnitch.service: Failed with result 'exit-code'. -- System Information: Debian Release: 12.0 APT prefers testing-security APT policy: (950, 'testing-security'), (900, 'testing-debug'), (900, 'testing'), (860, 'testing-proposed-updates-debug'), (860, 'testing-proposed-updates'), (850, 'buildd-testing-proposed-updates'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') merged-usr: no Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled opensnitch-ebpf-modules depends on no packages. opensnitch-ebpf-modules recommends no packages. Versions of packages opensnitch-ebpf-modules suggests: ii opensnitch 1.5.9-2 -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part