Bug 1392656
| Summary: | [LLNL 7.4 Bug] fix buffer overflows in util-linux with upstream patch | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Ben Woodard <woodard> | ||||
| Component: | util-linux | Assignee: | Karel Zak <kzak> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Radka Brychtova <rskvaril> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 7.3 | CC: | foraker1, rskvaril, tdhooge, tgummels, woodard | ||||
| Target Milestone: | rc | ||||||
| Target Release: | 7.4 | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | util-linux-2.23.2-36.el7 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2017-08-01 21:41:11 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 1380361, 1381646, 1393867, 1446211 | ||||||
| Attachments: |
|
||||||
(In reply to Ben Woodard from comment #0) ,,, > LLNL was working on util-linux to fix other issues and found that this > upstream patch helped deal with a problem that they were having. Ben if you could attach a reproducer or describe how to reproduce the defect so QA can validate the code fix it would be appreciated. Alternatively if LLNL could validate the fix with a Red Hat built package that would work too. Thank you, Travis This is an obvious problem which was found through code inspection while searching for another problem. The problem and patch are self evident. (In reply to Ben Woodard from comment #4) > This is an obvious problem which was found through code inspection while > searching for another problem. The problem and patch are self evident. I'm confused, you stated in the description: "... this upstream patch helped deal with a problem that they were having." That seems to imply that LLNL was experiencing a problem that this patch resolved. If that is the case it also means LLNL has knowledge on how to reproduce the problem. Such knowledge could help QA validate that the fix they implemented resolves the problem for the Red Hat built package which could be different than the package LLNL is running. Not really asking for much here, just a way to reproduce the problem or assistance from LLNL to validate the fix if it isn't something that could be validated here for lack of an HPC environment. Hi, I am not sure if I can properly test this. Do you know about some reproducer or real scenario? Or is the customer able to test this? If not I will probably do only some sanity testing. We have been using a local rebuild of util-linux-2.23.2-33.el7 with this patch applied on our production clusters since mid-October. Without the patch, we had issues getting our storage nodes to recognize all of their disks on boot. With the modified util-linux, nodes boot reliably. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2186 |
Created attachment 1218332 [details] upstream patch to address buffer overflow. LLNL was working on util-linux to fix other issues and found that this upstream patch helped deal with a problem that they were having. This patch addresses a buffer overflow that could happen and looks right and so it is probably a good idea to pick it up.