[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
** Changed in: xorg-server Status: Unknown => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
This bug was fixed in the package xwayland - 2:23.2.0-1ubuntu0.6 --- xwayland (2:23.2.0-1ubuntu0.6) mantic-security; urgency=medium * SECURITY REGRESSION: Fix for CVE-2024-31083 introduced a potential double-free error, causing X to crash - debian/patches/CVE-2024-31083-regression_fix-MR_1476.patch: render: Avoid possible double-free in ProcRenderAddGlyphs() - LP: #2060354 -- Steve Beattie Mon, 08 Apr 2024 20:37:39 -0700 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
This bug was fixed in the package xorg-server - 2:1.20.13-1ubuntu1~20.04.17 --- xorg-server (2:1.20.13-1ubuntu1~20.04.17) focal-security; urgency=medium * SECURITY REGRESSION: Avoid possible double-free - debian/patches/CVE-2024-31083-regression.patch: fix a regression caused for a double-free at the last changes fixed by CVE-2024-31083 (LP: #2060354) -- Leonidas Da Silva Barbosa Mon, 08 Apr 2024 22:36:10 -0300 ** Changed in: xwayland (Ubuntu Mantic) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
This bug was fixed in the package xorg-server - 2:21.1.4-2ubuntu1.7~22.04.10 --- xorg-server (2:21.1.4-2ubuntu1.7~22.04.10) jammy-security; urgency=medium * SECURITY REGRESSION: Avoid possible double-free - debian/patches/CVE-2024-31083-regression.patch: fix a regression caused for a double-free at the last changes fixed by CVE-2024-31083 (LP: #2060354) -- Leonidas Da Silva Barbosa Tue, 09 Apr 2024 00:18:52 -0300 ** Changed in: xorg-server (Ubuntu Jammy) Status: In Progress => Fix Released ** Changed in: xorg-server (Ubuntu Focal) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
This bug was fixed in the package xorg-server - 2:21.1.7-3ubuntu2.9 --- xorg-server (2:21.1.7-3ubuntu2.9) mantic-security; urgency=medium * SECURITY REGRESSION: Avoid possible double-free - debian/patches/CVE-2024-31083-regression.patch: fix a regression caused for a double-free at the last changes fixed by CVE-2024-31083 (LP: #2060354) -- Leonidas Da Silva Barbosa Tue, 09 Apr 2024 00:20:41 -0300 ** Changed in: xorg-server (Ubuntu Mantic) Status: In Progress => Fix Released ** Changed in: xwayland (Ubuntu Jammy) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
This bug was fixed in the package xwayland - 2:22.1.1-1ubuntu0.13 --- xwayland (2:22.1.1-1ubuntu0.13) jammy-security; urgency=medium * SECURITY REGRESSION: Avoid possible double-free - debian/patches/CVE-2024-31083-regression.patch: fix a regression caused for a double-free at the last changes fixed by CVE-2024-31083 (LP: #2060354) -- Leonidas Da Silva Barbosa Mon, 08 Apr 2024 22:13:22 -0300 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
** Also affects: xorg-server (Ubuntu Noble) Importance: High Status: Triaged ** Also affects: xwayland (Ubuntu Noble) Importance: High Status: Triaged ** Also affects: xorg-server (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: xwayland (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: xorg-server (Ubuntu Mantic) Importance: Undecided Status: New ** Also affects: xwayland (Ubuntu Mantic) Importance: Undecided Status: New ** Also affects: xorg-server (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: xwayland (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: xorg-server (Ubuntu Focal) Importance: Undecided => High ** Changed in: xorg-server (Ubuntu Focal) Status: New => In Progress ** Changed in: xorg-server (Ubuntu Jammy) Importance: Undecided => High ** Changed in: xorg-server (Ubuntu Jammy) Status: New => In Progress ** Changed in: xorg-server (Ubuntu Mantic) Importance: Undecided => High ** Changed in: xorg-server (Ubuntu Mantic) Status: New => In Progress ** No longer affects: xwayland (Ubuntu Focal) ** Changed in: xwayland (Ubuntu Jammy) Importance: Undecided => High ** Changed in: xwayland (Ubuntu Jammy) Status: New => In Progress ** Changed in: xwayland (Ubuntu Mantic) Importance: Undecided => High ** Changed in: xwayland (Ubuntu Mantic) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
** Also affects: xwayland (Ubuntu) Importance: Undecided Status: New ** Changed in: xwayland (Ubuntu) Status: New => Triaged ** Changed in: xwayland (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
@sbeattie I tested the package you built for 22.04 and it fixes the problem for me. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
@sbeattie It's broken in mantic too. In xwayland, the window dies. in xorg, the session crashes, badly. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
** Also affects: xorg-server via https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659 Importance: Unknown Status: Unknown ** Changed in: xorg-server (Ubuntu) Status: Confirmed => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
I have prepared test packages for ubuntu 22.04 LTS/jammy in the https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+packages PPA for both xorg-server: https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+sourcepub/15921802/+listing-archive-extra and for xwayland: https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+sourcepub/15921798/+listing-archive-extra I was able to reproduce the crash under Xwayland in a jammy vm with both intellij and the glyph_memleak.c reproducer, and using the proposed upstream patch seems to address the crash, but more testing is welcome. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
The reproducer https://bugs.freedesktop.org/attachment.cgi?id=28621 from the original 2009 bug report https://bugs.freedesktop.org/show_bug.cgi?id=23286 does seem to work at triggering this issue, at least under Xwalyand. ** Bug watch added: freedesktop.org Bugzilla #23286 https://bugs.freedesktop.org/show_bug.cgi?id=23286 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
Are people seeing this issue with any other Ubuntu releases, which also received updates addressing CVE-2024-31083, or is this strictly affecting the version in 22.04/jammy? It looks like https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1476 has a proposed fix, in https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1476.patch . -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
Yeah, for me it crashed 100% of the time with no changes, and removing a configuration file (which among other things removed my non-default preference for grayscale antialias) completely stopped the crashing. This is in a kvm/qemu VM. So from my perspective, and from a few others users, it looks like the cause and a good workaround. But other people in the set of JetBrains tickets report intermittent, unpredictable crashing that doesn't benefit from such a settings change. I think think upstream is talking about race conditions. So far in the bug report (the Ubuntu one) I don't understand what the proposed course of action is. I think this is the upstream bug report: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659 ** Bug watch added: gitlab.freedesktop.org/xorg/xserver/-/issues #1659 https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
I'm wondering if the anti-aliasing mode is a bit of a red hearing here, or only partially related. In my case, the app that triggers this is CLion 2023.3. Except in my case, I can reproduce it consistently simply by *changing* the anti-aliasing setting between subpixel and grayscale (in *either* direction) and clicking "apply." But once I log back in and re-launch the app, the system works fine and doesn't crash (regardless of the setting). Outside of that action, the bug behaves more like a time-bomb. There seems to be like a 5% chance that clicking the "debug" icon in the toolbar will take down my X session. Most of the time it works fine, until it doesn't. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
for what it's worth, JetBrains bug reports find that the problem is triggered by requesting grayscale anti-aliasing. https://youtrack.jetbrains.com/issue/IDEA-350864/Idea.sh-abort-X-window -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
It seems it's the *fix* for the CVE that's crashing in version 2:21.1.4-2ubuntu1.7~22.04.9 rather than the CVE itself. https://launchpad.net/ubuntu/+source/xorg- server/2:21.1.4-2ubuntu1.7~22.04.9 ** Also affects: xorg-server (Ubuntu Mantic) Importance: Undecided Status: New ** Also affects: xorg-server (Ubuntu Noble) Importance: High Status: Confirmed ** Also affects: xorg-server (Ubuntu Jammy) Importance: Undecided Status: New ** Tags removed: fixed-in-xorg-21.1.12 fixed-upstream mantic noble ** Tags added: regression-update ** No longer affects: xorg-server (Ubuntu Mantic) ** No longer affects: xorg-server (Ubuntu Noble) ** No longer affects: xorg-server (Ubuntu Jammy) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060354] Re: Segfaults and assertion failures in Xorg's render/glyph.c
** Changed in: xorg-server (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060354 Title: Segfaults and assertion failures in Xorg's render/glyph.c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2060354/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs