1473735 – ovs-vswitchd crashes with SIGSEGV randomly when adding/removing interfaces

Bug 1473735 - ovs-vswitchd crashes with SIGSEGV randomly when adding/removing interfaces

Summary: ovs-vswitchd crashes with SIGSEGV randomly when adding/removing interfaces

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openvswitch
Sub Component:
Version:	10.0 (Newton)
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	high
Target Milestone:	z4
Target Release:	10.0 (Newton)
Assignee:	Timothy Redaelli
QA Contact:	Alexander Stafeyev
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-07-21 14:19 UTC by Daniel Alvarez Sanchez
Modified:	2022-07-09 08:47 UTC (History)
CC List:	9 users (show)
Fixed In Version:	openvswitch-2.6.1-12.git20161206.el7ost
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-09-06 16:59:49 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1468334	0	high	CLOSED	neutron-openvswitch-agent crashes after SIGTERM is received and openvswitch/agent are not restarted	2022-07-09 15:58:42 UTC
Red Hat Bugzilla	1472832	1	None	None	None	2021-12-10 15:09:36 UTC
Red Hat Issue Tracker	OSP-11302	0	None	None	None	2021-12-10 15:16:25 UTC
Red Hat Product Errata	RHSA-2017:2648	0	normal	SHIPPED_LIVE	Moderate: openvswitch security and bug fix update	2017-09-06 20:53:24 UTC

Description Daniel Alvarez Sanchez 2017-07-21 14:19:01 UTC

This bug is a follow up from bug #1468334 [0].

Through the examination of the coredump submitted to it, we concluded that getifaddrs() from glibc is returning an interface with ifa_name set to NULL.
When openvswitch tries to compare it through strncmp(), it will crash trying to access a NULL location.

I have submitted a patch to OVS master [1] which checks that ifa_name is not NULL prior to calling strncmp(). 

Versions:

glibc.x86_64                    2.17-157.el7_3.1 
kernel.x86_64                   3.10.0-514.6.1.el7

Additional info:
This's been observed in an OpenStack compute node using hybrid firewall (more interfaces) and ~70 VM's (with a total of ~400 interfaces).
It looks like this bug comes from a different bug in glibc which shouldn't
return an unnamed interface. I have filled a bug [2] but until it's confirmed/fixed I think we have to protect ourselves in OVS through [1].

[0] https://bugzilla.redhat.com/show_bug.cgi?id=1468334
Version-Release number of selected component (if applicable):
[1] https://mail.openvswitch.org/pipermail/ovs-dev/2017-July/335859.html
[2] https://sourceware.org/bugzilla/show_bug.cgi?id=21812

Comment 9 Daniel Alvarez Sanchez 2017-08-17 13:37:15 UTC

Patches:

https://mail.openvswitch.org/pipermail/ovs-dev/2017-July/336082.html
https://github.com/openvswitch/ovs/commit/c19bf36d848cbdf755c6760fad1726c95e4377f1

Comment 13 errata-xmlrpc 2017-09-06 16:59:49 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:2648

Note You need to log in before you can comment on or make changes to this bug.