Public bug reported:

Binary package hint: iptables

iptables segfaults if called with an empty source address, e.g. from a broken script (see upstream http://marc.info/?l=netfilter&m=130529014111611&w=2):

    # iptables -A OUTPUT --source "${NoSuchVar}" -j ACCEPT
    May 13 12:47:55 n309eh001 kernel: [ 3311.378554] iptables[1948]: segfault at 8e65000 ip 00ddfd18 sp bfe2b6e0 error 4 in libxtables.so.5.0.0[ddc000+6000]
    Segmentation fault

Also problematic is

    # iptables -A OUTPUT --destination "${NoSuchVar}" -j ACCEPT

It does not fail, but adds a wildcard rule instead of a single-IP rule. The same occurs with

    # iptables -A INPUT -i "${NoSuchInterfaceName}" -j ACCEPT

which allows input from any interface, not only the one intended.

This issue was already reported upstream, see http://marc.info/?l=netfilter&m=129439862903487&w=2 , but did not make it into the Ubuntu packages.

This might also be a security risk if another program (e.g. shorewall) calling iptables could end up with empty strings, e.g. due to misconfiguration or due to invalid results from other scripts (DNS query).

    # cat /etc/lsb-release
    DISTRIB_ID=Ubuntu
    DISTRIB_RELEASE=11.04
    DISTRIB_CODENAME=natty
    DISTRIB_DESCRIPTION="Ubuntu 11.04"

    # apt-cache policy iptables
    iptables:
      Installed: 1.4.10-1ubuntu1
      Candidate: 1.4.10-1ubuntu1
      Version table:
     *** 1.4.10-1ubuntu1 0
            500 http://archive.ubuntu.com/ubuntu/ natty/main i386 Packages
            100 /var/lib/dpkg/status

** Affects: iptables (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/782201

Title:
  iptables segfault on empty source address

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
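The practical defence on the caller's side, until the package is fixed, is to never hand iptables an empty or malformed value for an address or interface option: an empty `--source` crashes the binary, and an empty `--destination` or `-i` silently widens the rule to "any". The wrapper below is an added example written for this report, not code from the bug report, from iptables or from shorewall. It validates every value following `-s`/`--source`/`--src`, `-d`/`--destination`/`--dst`, `-i`/`--in-interface` and `-o`/`--out-interface` before calling the real binary, rejects any empty argument anywhere on the command line, and only accepts IPv4 literals (optionally with a /prefix), so a variable that was supposed to hold a DNS result but came back empty or garbled is refused instead of being turned into a wildcard rule. `IPTABLES_CMD` is an assumed environment knob that defaults to a dry run (`echo iptables`) so the script can be exercised without root; the `NoSuchVar` usage at the bottom reproduces the report's broken-script case.

```shell
#!/bin/sh
# Example wrapper (not part of iptables or the bug report): refuse empty or
# malformed address/interface values before iptables ever sees them.

# is_ipv4_or_cidr VALUE -> 0 if VALUE is a.b.c.d or a.b.c.d/n (n 0..32)
is_ipv4_or_cidr() {
    case "$1" in
        ''|*[!0-9./]*) return 1 ;;      # empty or non-address characters
    esac
    addr=${1%%/*}
    if [ "$addr" != "$1" ]; then        # a prefix length is present
        prefix=${1#*/}
        case "$prefix" in ''|*[!0-9]*|*/*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1
    fi
    case "$addr" in .*|*.|*..*) return 1 ;; esac   # stray or doubled dots
    old_ifs=$IFS; IFS=.
    set -- $addr                        # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# is_iface_name VALUE -> 0 if VALUE is a plausible Linux interface name
is_iface_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_.:-]*) return 1 ;;
    esac
    [ ${#1} -le 15 ]                    # IFNAMSIZ - 1
}

# check_iptables_args ARGS... -> 0 only if no argument is empty and every
# address/interface option is followed by a well-formed value.
check_iptables_args() {
    expect=""
    for arg in "$@"; do
        [ -n "$arg" ] || { echo "refusing empty argument" >&2; return 1; }
        case "$expect" in
            addr)  is_ipv4_or_cidr "$arg" || { echo "bad address: $arg" >&2; return 1; } ;;
            iface) is_iface_name "$arg"   || { echo "bad interface: $arg" >&2; return 1; } ;;
        esac
        expect=""
        case "$arg" in
            -s|--source|--src|-d|--destination|--dst) expect=addr ;;
            -i|--in-interface|-o|--out-interface)      expect=iface ;;
        esac
    done
    [ -z "$expect" ] || { echo "option without value" >&2; return 1; }
    return 0
}

# safe_iptables ARGS... -> run iptables only after the checks pass.
# IPTABLES_CMD (assumed knob) defaults to a dry run so this works unprivileged.
safe_iptables() {
    check_iptables_args "$@" || return 1
    ${IPTABLES_CMD:-echo iptables} "$@"
}

# The report's broken-script case: an unset variable expands to "".
safe_iptables -A OUTPUT --source "${NoSuchVar}" -j ACCEPT || echo "rejected, not run"
safe_iptables -A INPUT -i "${NoSuchInterfaceName}" -j ACCEPT || echo "rejected, not run"
# A well-formed rule passes through (printed rather than applied in dry-run mode).
safe_iptables -A OUTPUT --destination 192.0.2.10 -j ACCEPT
```

The wrapper deliberately does not try to understand every iptables syntax (negation with `!`, hostnames, IPv6 for ip6tables); a caller that needs those should extend the `case` lists rather than loosen the empty-argument check, since that check alone covers both failure modes in the report.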