Bug 1795891
| Summary: | ss crash when called from mariadb as an gelera cluster member | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Frank Büttner <bugzilla> | ||||||||||||
| Component: | iproute | Assignee: | Andrea Claudi <aclaudi> | ||||||||||||
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | ||||||||||||
| Severity: | medium | Docs Contact: | |||||||||||||
| Priority: | medium | ||||||||||||||
| Version: | 7.7 | CC: | aclaudi, atragler, pvrabec | ||||||||||||
| Target Milestone: | rc | ||||||||||||||
| Target Release: | --- | ||||||||||||||
| Hardware: | Unspecified | ||||||||||||||
| OS: | Unspecified | ||||||||||||||
| Whiteboard: | |||||||||||||||
| Fixed In Version: | iproute-4.11.0-27.el7 | Doc Type: | If docs needed, set a value | ||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||
| Clone Of: | Environment: | ||||||||||||||
| Last Closed: | 2020-09-29 20:28:24 UTC | Type: | Bug | ||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||
| Documentation: | --- | CRM: | |||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||
| Embargoed: | |||||||||||||||
| Attachments: |
|
||||||||||||||
|
Description
Frank Büttner
2020-01-29 07:00:01 UTC
Hi Frank, thanks for the report. From the CentOS report attached to this issue I see that crash happens following the command 'ss -p state listening ( sport = '' 4445 )'. Can you please confirm that? I tried to reproduce the issue using the previous command (and nc to open a socket on port 4445), without success. I see you manage to reproduce it reliably, can you please attach a coredump so I can examine it? Thanks in advance! Hi Andrea, yes this will be correct. But the command will called by the mysqld. It looks like selinux will play an role here, because set it to setenforce 0, then no crash will happens. So I have added the aureport running setenforce 1 and for setenforce 0. Created attachment 1663073 [details]
setenforce 0
Created attachment 1663074 [details]
setenforce 1
Created attachment 1663075 [details]
The core dump file
Hi Frank and thanks for the info.
Upstream commit ebbb219c924cc ("ss: fix NULL pointer access when parsing unix sockets with oldformat") should fix this crash.
Are you able to apply this patch and verify if this is correct?
Hi Andrea, yes of course, when you can show me, where I can find the patch. Than I can build an rpm package and test it in the cluster. Query old google for it will result in an patch, but I don't know is it the right one. Created attachment 1680731 [details]
Hopefully the right patch.
Hi Andrea, I have tested the patch and it will do the job. Now an friendly "Cannot open netlink socket: Permission denied" is reported instant of an crash :) I think the patch included to the package. Thanks for the help. Created attachment 1680733 [details]
The used spec file for the test.
Thank you, Frank. This patch will be included in the next iproute release. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (iproute bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:3999 |