*** This bug is a security vulnerability *** Public security bug reported:
After upgrading to Ubuntu 19.04, I started experiencing sporadic crashes in kodi when turning my AV receiver on. Ubuntu 19.04 upgraded alsa- plugins to 1.1.8. For alsa-plugins >= 1.1.8, the ALSA jack plugin is enabled by default in /etc/alsa/conf.d/50-jack.conf. The crashes are caused by a race condition when kodi's audio engine thread is enumerating the ALSA sound devices, and the udev thread is enumerating the udev devices triggered by the sound device add from turning the AVR on. When enumering the ALSA jack plugin device, it tries to connect to connect to jackd. Since I don't have jackd installed, it fails to connect. libjack closes the socket on error, and then closes it again in it's cleanup code. Since it's closing the same file descriptor twice, it interacts with other threads that have potentially opened file descriptors, and causes the crash. This same bug could potentially affect other multithreaded programs that enumerate ALSA devices. Fix committed upstream: https://github.com/jackaudio/jack2/commit/dad4b5702782eef3bd66e3c3f4fefaaae3571208 ** Affects: jackd2 (Ubuntu) Importance: Undecided Status: New ** Affects: jackd2 (Debian) Importance: Undecided Status: New ** Bug watch added: github.com/xbmc/xbmc/issues #16258 https://github.com/xbmc/xbmc/issues/16258 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833479 Title: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/jackd2/+bug/1833479/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
