[Bug 1703401] Re: NULL pointer dereference triggered by openvswitch autopkg testcase
** Changed in: linux (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1703401 Title: NULL pointer dereference triggered by openvswitch autopkg testcase To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1703401/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1703401] Re: NULL pointer dereference triggered by openvswitch autopkg testcase
This bug was fixed in the package linux - 3.13.0-125.174 --- linux (3.13.0-125.174) trusty; urgency=low * linux: 3.13.0-125.174 -proposed tracker (LP: #1703396) * NULL pointer dereference triggered by openvswitch autopkg testcase (LP: #1703401) - Revert "rtnl/do_setlink(): notify when a netdev is modified" - Revert "rtnl/do_setlink(): last arg is now a set of flags" - Revert "rtnl/do_setlink(): set modified when IFLA_LINKMODE is updated" - Revert "rtnl/do_setlink(): set modified when IFLA_TXQLEN is updated" - Revert "rtnetlink: provide api for getting and setting slave info" linux (3.13.0-124.173) trusty; urgency=low * linux: 3.13.0-124.173 -proposed tracker (LP: #1701042) * CVE-2017-7895 - nfsd: Remove assignments inside conditions - svcrdma: Do not add XDR padding to xdr_buf page vector - nfsd4: minor NFSv2/v3 write decoding cleanup - nfsd: stricter decoding of write-like NFSv2/v3 ops * CVE-2017-9605 - drm/vmwgfx: Make sure backup_handle is always valid * CVE-2017-1000380 - ALSA: timer: Fix race between read and ioctl - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT * linux <3.18: netlink notification is missing when an interface is modified (LP: #1690094) - rtnetlink: provide api for getting and setting slave info - rtnl/do_setlink(): set modified when IFLA_TXQLEN is updated - rtnl/do_setlink(): set modified when IFLA_LINKMODE is updated - rtnl/do_setlink(): last arg is now a set of flags - rtnl/do_setlink(): notify when a netdev is modified * CVE-2015-8944 - Make file credentials available to the seqfile interfaces - /proc/iomem: only expose physical resource addresses to privileged users * CVE-2016-10088 - sg_write()/bsg_write() is not fit to be called under KERNEL_DS * CVE-2017-7346 - drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() * CVE-2015-8966 - arm: fix handling of F_OFD_... in oabi_fcntl64() * Missing IOTLB flush causes DMAR errors with SR-IOV (LP: #1697053) - iommu/vt-d: Fix missing IOTLB flush in intel_iommu_unmap() * CVE-2017-8924 - USB: serial: io_ti: fix information leak in completion handler * CVE-2017-8925 - USB: serial: omninet: fix reference leaks at open * CVE-2015-8967 - arm64: make sys_call_table const * CVE-2015-8964 - tty: Prevent ldisc drivers from re-using stale tty fields * CVE-2015-8955 - arm64: perf: reject groups spanning multiple HW PMUs * CVE-2015-8962 - sg: Fix double-free when drives detach during SG_IO * CVE-2015-8963 - perf: Fix race in swevent hash * CVE-2017-9074 - ipv6: Check ip6_find_1stfragopt() return value properly. * CVE-2014-9900 - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() -- Thadeu Lima de Souza CascardoMon, 10 Jul 2017 13:02:31 -0300 ** Changed in: linux (Ubuntu Trusty) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9900 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8944 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8955 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8962 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8963 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8964 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8966 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8967 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-10088 ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2017-1000380 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7346 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7895 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8924 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8925 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9074 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9605 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1703401 Title: NULL pointer dereference triggered by openvswitch autopkg testcase To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1703401/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1703401] Re: NULL pointer dereference triggered by openvswitch autopkg testcase
** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Trusty) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1703401 Title: NULL pointer dereference triggered by openvswitch autopkg testcase To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1703401/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1703401] Re: NULL pointer dereference triggered by openvswitch autopkg testcase
** Description changed: Trusty kernel 3.13.0-124.173, current on -proposed, has a regression - introduced by the patches for bug#1690094. + introduced by the patches for bug #1690094. This is causing the openvswitch autopkgtest testcase to hang: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-trusty/trusty/amd64/o/openvswitch/20170710_093748_a5f0a@/log.gz because of the following kernel bug: == [ 16.371056] random: nonblocking pool is initialized [ 22.187846] gre: GRE over IPv4 demultiplexor driver [ 22.190604] openvswitch: Open vSwitch switching datapath [ 27.919352] gre: GRE over IPv4 demultiplexor driver [ 27.920959] openvswitch: Open vSwitch switching datapath [ 28.230062] IPv6: ADDRCONF(NETDEV_UP): s1-eth1: link is not ready [ 28.255859] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth1: link becomes ready [ 28.294253] IPv6: ADDRCONF(NETDEV_UP): s1-eth2: link is not ready [ 28.310647] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth2: link becomes ready [ 28.341512] IPv6: ADDRCONF(NETDEV_UP): s1-eth3: link is not ready [ 28.358174] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth3: link becomes ready [ 28.386774] IPv6: ADDRCONF(NETDEV_UP): s1-eth4: link is not ready [ 28.402249] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth4: link becomes ready [ 28.431979] IPv6: ADDRCONF(NETDEV_UP): s1-eth5: link is not ready [ 28.446848] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth5: link becomes ready [ 28.482404] IPv6: ADDRCONF(NETDEV_UP): s1-eth6: link is not ready [ 28.498450] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth6: link becomes ready [ 28.530356] IPv6: ADDRCONF(NETDEV_UP): s1-eth7: link is not ready [ 28.546206] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth7: link becomes ready [ 28.578384] IPv6: ADDRCONF(NETDEV_UP): s2-eth1: link is not ready [ 28.594164] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth1: link becomes ready [ 28.623885] IPv6: ADDRCONF(NETDEV_UP): s2-eth2: link is not ready [ 28.642570] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth2: link becomes ready [ 28.669156] IPv6: ADDRCONF(NETDEV_UP): s2-eth3: link is not ready [ 28.683255] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth3: link becomes ready [ 28.716490] IPv6: ADDRCONF(NETDEV_UP): s2-eth4: link is not ready [ 28.734239] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth4: link becomes ready [ 28.763779] IPv6: ADDRCONF(NETDEV_UP): s2-eth5: link is not ready [ 28.782221] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth5: link becomes ready [ 28.810559] IPv6: ADDRCONF(NETDEV_UP): s2-eth6: link is not ready [ 28.826181] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth6: link becomes ready [ 28.856232] IPv6: ADDRCONF(NETDEV_UP): s2-eth7: link is not ready [ 28.875082] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth7: link becomes ready [ 28.901120] IPv6: ADDRCONF(NETDEV_UP): s1-eth8: link is not ready [ 28.909372] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth8: link becomes ready [ 28.986164] device ovs-system entered promiscuous mode [ 29.001788] device s1 entered promiscuous mode [ 29.021015] BUG: unable to handle kernel NULL pointer dereference at 00a8 [ 29.021600] IP: [] if_nlmsg_size+0xfb/0x240 - [ 29.021990] PGD 3bfec067 PUD 36c7e067 PMD 0 - [ 29.022303] Oops: [#1] SMP + [ 29.021990] PGD 3bfec067 PUD 36c7e067 PMD 0 + [ 29.022303] Oops: [#1] SMP [ 29.022540] Modules linked in: veth openvswitch gre vxlan ip_tunnel libcrc32c 9p ppdev kvm_intel kvm 9pnet_virtio serio_raw 9pnet parport_pc parport i2c_piix4 mac_hid psmouse floppy pata_acpi [last unloaded:] [ 29.023992] CPU: 0 PID: 2255 Comm: ovs-vswitchd Not tainted 3.13.0-124-generic #173-Ubuntu [ 29.024012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 [ 29.024012] task: 88003d5f1800 ti: 880036c7c000 task.ti: 880036c7c000 [ 29.024012] RIP: 0010:[] [] if_nlmsg_size+0xfb/0x240 [ 29.024012] RSP: 0018:880036c7d850 EFLAGS: 00010286 [ 29.024012] RAX: 88003bb41000 RBX: 88003ac9b000 RCX: 00d0 [ 29.024012] RDX: RSI: RDI: 88003ac9b000 [ 29.024012] RBP: 880036c7d888 R08: R09: [ 29.024012] R10: 44ed R11: 006d65747379732d R12: 0344 [ 29.024012] R13: R14: a011c000 R15: 0014 [ 29.024012] FS: 7f2a595e3980() GS:88003fc0() knlGS: [ 29.024012] CS: 0010 DS: ES: CR0: 80050033 [ 29.024012] CR2: 00a8 CR3: 3d5ff000 CR4: 06f0 [ 29.024012] Stack: [ 29.024012] 88003bb41000 00d0 0010 [ 29.024012] 81cdaf00 88003ac9b000 880036c7d8d8 [ 29.024012] 81642f82
[Bug 1703401] Re: NULL pointer dereference triggered by openvswitch autopkg testcase
** Changed in: linux (Ubuntu) Status: Incomplete => In Progress ** Changed in: linux (Ubuntu) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1703401 Title: NULL pointer dereference triggered by openvswitch autopkg testcase To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1703401/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1703401] Re: NULL pointer dereference triggered by openvswitch autopkg testcase
apport information ** Tags added: apport-collected ** Description changed: Trusty kernel 3.13.0-124.173, current on -proposed, has a regression introduced by the patches for bug#1690094. This is causing the openvswitch autopkgtest testcase to hang: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-trusty/trusty/amd64/o/openvswitch/20170710_093748_a5f0a@/log.gz because of the following kernel bug: == [ 16.371056] random: nonblocking pool is initialized [ 22.187846] gre: GRE over IPv4 demultiplexor driver [ 22.190604] openvswitch: Open vSwitch switching datapath [ 27.919352] gre: GRE over IPv4 demultiplexor driver [ 27.920959] openvswitch: Open vSwitch switching datapath [ 28.230062] IPv6: ADDRCONF(NETDEV_UP): s1-eth1: link is not ready [ 28.255859] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth1: link becomes ready [ 28.294253] IPv6: ADDRCONF(NETDEV_UP): s1-eth2: link is not ready [ 28.310647] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth2: link becomes ready [ 28.341512] IPv6: ADDRCONF(NETDEV_UP): s1-eth3: link is not ready [ 28.358174] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth3: link becomes ready [ 28.386774] IPv6: ADDRCONF(NETDEV_UP): s1-eth4: link is not ready [ 28.402249] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth4: link becomes ready [ 28.431979] IPv6: ADDRCONF(NETDEV_UP): s1-eth5: link is not ready [ 28.446848] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth5: link becomes ready [ 28.482404] IPv6: ADDRCONF(NETDEV_UP): s1-eth6: link is not ready [ 28.498450] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth6: link becomes ready [ 28.530356] IPv6: ADDRCONF(NETDEV_UP): s1-eth7: link is not ready [ 28.546206] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth7: link becomes ready [ 28.578384] IPv6: ADDRCONF(NETDEV_UP): s2-eth1: link is not ready [ 28.594164] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth1: link becomes ready [ 28.623885] IPv6: ADDRCONF(NETDEV_UP): s2-eth2: link is not ready [ 28.642570] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth2: link becomes ready [ 28.669156] IPv6: ADDRCONF(NETDEV_UP): s2-eth3: link is not ready [ 28.683255] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth3: link becomes ready [ 28.716490] IPv6: ADDRCONF(NETDEV_UP): s2-eth4: link is not ready [ 28.734239] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth4: link becomes ready [ 28.763779] IPv6: ADDRCONF(NETDEV_UP): s2-eth5: link is not ready [ 28.782221] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth5: link becomes ready [ 28.810559] IPv6: ADDRCONF(NETDEV_UP): s2-eth6: link is not ready [ 28.826181] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth6: link becomes ready [ 28.856232] IPv6: ADDRCONF(NETDEV_UP): s2-eth7: link is not ready [ 28.875082] IPv6: ADDRCONF(NETDEV_CHANGE): s2-eth7: link becomes ready [ 28.901120] IPv6: ADDRCONF(NETDEV_UP): s1-eth8: link is not ready [ 28.909372] IPv6: ADDRCONF(NETDEV_CHANGE): s1-eth8: link becomes ready [ 28.986164] device ovs-system entered promiscuous mode [ 29.001788] device s1 entered promiscuous mode [ 29.021015] BUG: unable to handle kernel NULL pointer dereference at 00a8 [ 29.021600] IP: [] if_nlmsg_size+0xfb/0x240 [ 29.021990] PGD 3bfec067 PUD 36c7e067 PMD 0 [ 29.022303] Oops: [#1] SMP [ 29.022540] Modules linked in: veth openvswitch gre vxlan ip_tunnel libcrc32c 9p ppdev kvm_intel kvm 9pnet_virtio serio_raw 9pnet parport_pc parport i2c_piix4 mac_hid psmouse floppy pata_acpi [last unloaded:] [ 29.023992] CPU: 0 PID: 2255 Comm: ovs-vswitchd Not tainted 3.13.0-124-generic #173-Ubuntu [ 29.024012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 [ 29.024012] task: 88003d5f1800 ti: 880036c7c000 task.ti: 880036c7c000 [ 29.024012] RIP: 0010:[] [] if_nlmsg_size+0xfb/0x240 [ 29.024012] RSP: 0018:880036c7d850 EFLAGS: 00010286 [ 29.024012] RAX: 88003bb41000 RBX: 88003ac9b000 RCX: 00d0 [ 29.024012] RDX: RSI: RDI: 88003ac9b000 [ 29.024012] RBP: 880036c7d888 R08: R09: [ 29.024012] R10: 44ed R11: 006d65747379732d R12: 0344 [ 29.024012] R13: R14: a011c000 R15: 0014 [ 29.024012] FS: 7f2a595e3980() GS:88003fc0() knlGS: [ 29.024012] CS: 0010 DS: ES: CR0: 80050033 [ 29.024012] CR2: 00a8 CR3: 3d5ff000 CR4: 06f0 [ 29.024012] Stack: [ 29.024012] 88003bb41000 00d0 0010 [ 29.024012] 81cdaf00 88003ac9b000 880036c7d8d8 [ 29.024012] 81642f82 735f7265776f6cfa ff00316874652d31 88003ac9b000 [ 29.024012] Call Trace: