1043557 – nscd segfaults when running sudo with netgroup caching enabled.

Bug 1043557 - nscd segfaults when running sudo with netgroup caching enabled.

Summary: nscd segfaults when running sudo with netgroup caching enabled.

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	glibc
Sub Component:
Version:	6.5
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	6.6
Assignee:	Siddhesh Poyarekar
QA Contact:	Arjun Shankar
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1087838 (view as bug list)
Depends On:
Blocks:	994246 1023566 1054846 1056252 1087789
TreeView+	depends on / blocked

Reported:	2013-12-16 16:09 UTC by hgraham
Modified:	2019-09-12 07:48 UTC (History)
CC List:	19 users (show)
Fixed In Version:	glibc-2.12-1.133.el6
Doc Type:	Bug Fix
Doc Text:	Due to problems with buffer extension and reallocation, the nscd daemon terminated unexpectedly with a segmentation fault when processing long netgroup entries. With this update, the handling of long netgroup entries has been corrected and nscd no longer crashes in the described scenario.
Clone Of:
Clones:	1138520 (view as bug list)
Environment:
Last Closed:	2014-10-14 04:42:37 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	643023	0	None	None	None	Never
Red Hat Product Errata	RHSA-2014:1391	0	normal	SHIPPED_LIVE	Moderate: glibc security, bug fix, and enhancement update	2014-10-14 01:11:04 UTC

Description hgraham 2013-12-16 16:09:26 UTC

Description of problem:
After upgrading to RHEL6.5 nscd segfaults when a user runs sudo. It appears the problem is due to netgroup caching by nscd. The netgroups are stored in LDAP.

Version-Release number of selected component (if applicable):
nscd-2.12-1.132.el6.x86_64

How reproducible:
I haven't reproduced, but this is happening on multiple servers for the customer

Steps to Reproduce:
1. Need to use sudo with nscd netgroup caching and netgroups stored in LDAP

Actual results:
nscd segfaults when running sudo

Dec 13 08:54:28 server kernel: nscd[11646]: segfault at 7fffe54ed000 ip 00007ffff6e32aab sp 00007fffe54e98e8 error 6 in libc-2.12.so[7ffff6da9000+18b000]

Expected results:
nscd doesn't segfault when running sudo


Additional info:
possible workaround may be to disable netgroup caching by nscd

Comment 20 Carlos O'Donell 2013-12-20 19:04:58 UTC

The solution in this case is to upgrade nss nss-tools and nss-sysinit. NSS is used by glibc for hashing functions and there are bugs in nss* that impact glibc and nscd.

Comment 65 Siddhesh Poyarekar 2014-04-15 14:15:18 UTC

*** Bug 1087838 has been marked as a duplicate of this bug. ***

Comment 67 errata-xmlrpc 2014-10-14 04:42:37 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-1391.html

Note You need to log in before you can comment on or make changes to this bug.