Package: libc6 Version: 2.5-1 Severity: critical Tags: security Justification: root security hole
Hi, valgrind reports jumps depending on uninitialized valuse in /lib/ld-2.5.so. I found this bug using some gfortran 4.2, but I get it also using the standard gcc package (version 4:4.1.1-15). I'm not really sure about severity of this bug. Please have a look on it and change it to the appopriate value. C-Program: ----------- #include <stdio.h> int main() { printf("Hello World\n"); } ----------- valgrind output: ----------- ==16052== Memcheck, a memory error detector. ==16052== Copyright (C) 2002-2006, and GNU GPL'd, by Julian Seward et al. ==16052== Using LibVEX rev 1658, a library for dynamic binary translation. ==16052== Copyright (C) 2004-2006, and GNU GPL'd, by OpenWorks LLP. ==16052== Using valgrind-3.2.1-Debian, a dynamic binary instrumentation framework. ==16052== Copyright (C) 2000-2006, and GNU GPL'd, by Julian Seward et al. ==16052== For more details, rerun with: -v ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x4015347: (within /lib/ld-2.5.so) ==16052== by 0x40052A8: (within /lib/ld-2.5.so) ==16052== by 0x4007D4B: (within /lib/ld-2.5.so) ==16052== by 0x40031A8: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x40151EE: (within /lib/ld-2.5.so) ==16052== by 0x400779A: (within /lib/ld-2.5.so) ==16052== by 0x4008467: (within /lib/ld-2.5.so) ==16052== by 0x400169A: (within /lib/ld-2.5.so) ==16052== by 0x400D8D5: (within /lib/ld-2.5.so) ==16052== by 0x4004817: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x40151F9: (within /lib/ld-2.5.so) ==16052== by 0x400779A: (within /lib/ld-2.5.so) ==16052== by 0x4008467: (within /lib/ld-2.5.so) ==16052== by 0x400169A: (within /lib/ld-2.5.so) ==16052== by 0x400D8D5: (within /lib/ld-2.5.so) ==16052== by 0x4004817: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x4015204: (within /lib/ld-2.5.so) ==16052== by 0x400779A: (within /lib/ld-2.5.so) ==16052== by 0x4008467: (within /lib/ld-2.5.so) ==16052== by 0x400169A: (within /lib/ld-2.5.so) ==16052== by 0x400D8D5: (within /lib/ld-2.5.so) ==16052== by 0x4004817: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x4015361: (within /lib/ld-2.5.so) ==16052== by 0x40077A7: (within /lib/ld-2.5.so) ==16052== by 0x4008467: (within /lib/ld-2.5.so) ==16052== by 0x400169A: (within /lib/ld-2.5.so) ==16052== by 0x400D8D5: (within /lib/ld-2.5.so) ==16052== by 0x4004817: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x4015361: (within /lib/ld-2.5.so) ==16052== by 0x400A71D: (within /lib/ld-2.5.so) ==16052== by 0x40061A3: (within /lib/ld-2.5.so) ==16052== by 0x4008513: (within /lib/ld-2.5.so) ==16052== by 0x400169A: (within /lib/ld-2.5.so) ==16052== by 0x400D8D5: (within /lib/ld-2.5.so) ==16052== by 0x4004817: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x400ADF5: (within /lib/ld-2.5.so) ==16052== by 0x4003CDD: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) ==16052== ==16052== Conditional jump or move depends on uninitialised value(s) ==16052== at 0x400ADFE: (within /lib/ld-2.5.so) ==16052== by 0x4003CDD: (within /lib/ld-2.5.so) ==16052== by 0x4013F0A: (within /lib/ld-2.5.so) ==16052== by 0x40012D6: (within /lib/ld-2.5.so) ==16052== by 0x4000A77: (within /lib/ld-2.5.so) Hello World ==16052== ==16052== ERROR SUMMARY: 8 errors from 8 contexts (suppressed: 0 from 0) ==16052== malloc/free: in use at exit: 0 bytes in 0 blocks. ==16052== malloc/free: 0 allocs, 0 frees, 0 bytes allocated. ==16052== For counts of detected errors, rerun with: -v ==16052== All heap blocks were freed -- no leaks are possible. ----------- LANG=C gcc --version gcc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21) Copyright (C) 2006 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -- System Information: Debian Release: lenny/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'dapper-updates'), (500, 'dapper-security'), (500, 'dapper-proposed'), (500, 'dapper-backports'), (500, 'dapper'), (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-1-amd64-generic Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]