Slackware This Forum is for the discussion of Slackware Linux.
09-12-2013, 02:48 PM
|
#1
|
Member
Registered: Aug 2012
Posts: 484
Rep: 
|
[Slackware-current]: glibc 2.17; CVE-2013-4332
Pat:
Three integer overflow vulnerabilities were recently discovered in glibc memory allocator functions:
pvalloc, valloc, and memalign, which can corrupt the heap. The issue was assigned CVE-2013-4332.
I've made available a backport patch for glibc 2.17 for your consideration.
To test this vulnerability you can run the PoC as below:
Pre-patch:
Code:
root@infinity:~# ./glibc-test ; echo $?
*** Error in `./glibc-test': free(): invalid next size (normal): 0x093a4008 ***
^C
Post-patch:
Code:
root@infinity:~# ./glibc-test ; echo $?
0
PoC:
Code:
/* gcc -o glibc-test glibc-test.c */
#include <stdlib.h>
#include <malloc.h>
#include <unistd.h>

int main(void)
{
    void *memptr;   /* only used by the posix_memalign variant */
    unsigned long pagesize = getpagesize();

    /* -pagesize on an unsigned long wraps to a value just below the maximum size */
    /* uncomment one at a time (pvalloc, valloc, or posix_memalign) */
    pvalloc (-pagesize);
    //valloc (-pagesize);
    //posix_memalign(&memptr, pagesize, -pagesize);
    return 0;
}
--mancha
---
[1] http://seclists.org/oss-sec/2013/q3/597
[2] https://sourceware.org/git/?p=glibc....h=1159a193696a
[3] https://sourceware.org/git/?p=glibc....h=55e17aadc1ef
[4] https://sourceware.org/git/?p=glibc....h=b73ed247781d
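The kind of size wraparound that a request of `-pagesize` provokes, as an added example that is not part of the original post and is not glibc source: a simplified model of an allocator that rounds a request up to a page and pads it with the alignment plus a fixed overhead, shown unchecked and with bounds checks. `OVERHEAD`, the 4096-byte page size and all function names are assumptions made for illustration.

```c
/* Added illustration, not glibc source: a simplified size computation for a
   page-aligned allocation. OVERHEAD and all names here are assumptions. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define OVERHEAD 64u /* assumed bookkeeping bytes added to each request */

/* Round up to a page multiple (page must be a power of two); may wrap. */
static size_t round_up_unchecked(size_t bytes, size_t page)
{
    return (bytes + page - 1) & ~(page - 1);
}

/* Pad the request with the alignment and the overhead; may wrap. */
static size_t padded_unchecked(size_t bytes, size_t page)
{
    return bytes + page + OVERHEAD;
}

/* Same computation with every addition bounded first.
   Returns 0 and stores the size in *out, or ENOMEM if it cannot fit. */
static int request_size_checked(size_t bytes, size_t page, size_t *out)
{
    size_t rounded;

    if (bytes > SIZE_MAX - (page - 1))
        return ENOMEM;
    rounded = (bytes + page - 1) & ~(page - 1);
    if (rounded > SIZE_MAX - page - OVERHEAD)
        return ENOMEM;
    *out = rounded + page + OVERHEAD;
    return 0;
}

int main(void)
{
    size_t page = 4096;             /* constructed sample page size */
    size_t huge = (size_t)0 - page; /* what -pagesize becomes as an unsigned size */
    size_t out = 0;

    printf("round_up(SIZE_MAX - 10) = %zu\n", round_up_unchecked(SIZE_MAX - 10, page));
    printf("padded(-pagesize)       = %zu\n", padded_unchecked(huge, page));
    int rc = request_size_checked(huge, page, &out);
    printf("checked(-pagesize)      = %d (ENOMEM is %d)\n", rc, ENOMEM);
    rc = request_size_checked(100, page, &out);
    printf("checked(100)            = %d, size %zu\n", rc, out);
    return 0;
}
```

In the unchecked paths the computed size collapses to 0 or to `OVERHEAD`, so a block sized from it is far smaller than the caller asked for; the checked path rejects the request with `ENOMEM` instead.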
|
|
|
09-12-2013, 05:48 PM
|
#2
|
Member
Registered: Sep 2006
Location: Earth
Distribution: Slackware 14.1 Slackware64-current multilib
Posts: 278
Rep: 
|
glibc 2.18 has the same problem (against my 2.18 multilib build).
|
|
|
09-12-2013, 06:04 PM
|
#3
|
Member
Registered: Aug 2012
Posts: 484
Original Poster
Rep: 
|
Quote:
Originally Posted by number22
glibc 2.18 has the same problem (against my 2.18 multilib build).
|
The commits I referenced: [2], [3], and [4] should apply cleanly to glibc 2.18 once you remove
the ChangeLog blobs.
--mancha
|
|
|
09-12-2013, 07:34 PM
|
#4
|
Member
Registered: Sep 2006
Location: Earth
Distribution: Slackware 14.1 Slackware64-current multilib
Posts: 278
Rep: 
|
Tried your patch with a clean 2.17 glibc SlackBuild, 64-bit (SlackBuild and all Slackware's patches); still have the problem.
Last edited by number22; 09-12-2013 at 07:36 PM.
|
|
|
09-13-2013, 09:23 AM
|
#5
|
Member
Registered: Jul 2013
Posts: 113
Rep: 
|
Is this why I'm seeing this bug:
Code:
bash-4.2$ firefox
(process:15933): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0' failed
randomly from a few web sites?
|
|
|
09-13-2013, 10:58 AM
|
#6
|
Senior Member
Registered: Jan 2005
Location: Istanbul, Turkey
Distribution: Slackware64 15.0, Slackwarearm 14.2
Posts: 1,158
|
Glib and glibc are different things. The former is a part of the Gtk+ toolkit that is also used by Firefox.
|
|
|
09-14-2013, 07:47 AM
|
#7
|
Member
Registered: Aug 2012
Posts: 484
Original Poster
Rep: 
|
Quote:
Originally Posted by number22
Tried your patch with a clean 2.17 glibc SlackBuild, 64-bit (SlackBuild and all Slackware's patches); still have the problem.
|
Works perfectly fine for me on both Slackware-current and Slackware64-current.
--mancha
Last edited by mancha; 09-14-2013 at 07:57 AM.
|
|
|
09-14-2013, 03:35 PM
|
#8
|
Member
Registered: Sep 2006
Location: Earth
Distribution: Slackware 14.1 Slackware64-current multilib
Posts: 278
Rep: 
|
Quote:
Originally Posted by mancha
Works perfectly fine for me on both Slackware-current and Slackware64-current.
--mancha
|
I used the 3 patches from the links you provided and finally got all of them (pvalloc, valloc, posix_memalign) working (2.17 and 2.18 multilibs). Anyway, thanks; I don't know why your patch didn't. I also tested on glibc 2.7 (Slackware 12.2), and this problem occurred as well.
Last edited by number22; 09-14-2013 at 03:38 PM.
|
|
|
09-18-2013, 10:21 AM
|
#9
|
Member
Registered: Aug 2012
Posts: 484
Original Poster
Rep: 
|
Great way to start one's day - a beta announcement!
Glad my CVE-2013-4332 backport works back to 2.9 (with offsets); I hadn't checked anything aside from -current though I guess I should have. Tagging this thread solved.
--mancha
PS Small typo in ChangeLog.txt and security announcement that might be worth fixing: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2013-4332" (extra 2013 slipped in)
|
|
|
11-11-2013, 08:22 AM
|
#10
|
Senior Member
Registered: Nov 2008
Location: USA
Distribution: Slackware, FreeBSD, FreeDOS, Illumos, NetBSD, OpenBSD, DragonflyBSD, Replicant, Plan9, Inferno, HURD
Posts: 1,237
|
On Slackware 14.1, I am having the exact same problem with Firefox, and perhaps other programs, but definitely similar results--segmentation faults--on many of the programs I use or used: Emacs, GIMP, Seamonkey, Thunderbird, image viewers, etc., and I had had the problem on SlackBuilds like Claws Mail, but I also did a new installation on my PC and laptop, without SlackBuilds, erased all my X/KDE configuration. Someone said it may be my RAM, however that is just several months old, and I did memtest86+ until it said '100%', with no errors (though it seemed like it had only got far into test #8 of 11 and was calling that '100%', but was still going--I thought it restarted). My installation ISO's md5sum was ok.
|
|
|
11-11-2013, 02:36 PM
|
#11
|
Member
Registered: Aug 2012
Posts: 484
Original Poster
Rep: 
|
Quote:
Originally Posted by dchmelik
On Slackware 14.1, I am having the exact same problem with Firefox, and perhaps other programs, but definitely similar results--segmentation faults--on many of the programs.
|
It's unclear to me how this has anything to do with this thread: glibc 2.17 & CVE-2013-4332.
--mancha
|
|
|
11-11-2013, 02:42 PM
|
#12
|
LQ Veteran
Registered: May 2008
Posts: 7,135
|
It looks like he's latched onto post #5, but didn't read Ilgar's reply in post #6 saying that it wasn't relevant. 
|
|
|
11-11-2013, 03:08 PM
|
#13
|
Member
Registered: Apr 2011
Location: Canada
Distribution: Slackware
Posts: 99
Rep:
|
Quote:
Originally Posted by jon lee
Is this why I'm seeing this bug:
Code:
bash-4.2$ firefox
(process:15933): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0' failed
randomly from a few web sites?
|
For reference, that's this bug. It's a pretty critical error, but it also seems extremely rare for it to affect anything at all. And yes, it's a GLib error, not a glibc error, so it has nothing to do with this thread in particular.
Slackware 14.1 gets released, and within a week OpenSSH and glibc have vulnerabilities. Seems legit.
|
|
|
All times are GMT -5.