Bug 89038 - ptrace calls broken in security update kernel-2.4.18-27.7
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: kernel
7.1
i386 Linux
high Severity high
Assigned To: Arjan van de Ven
Brian Brock
http://www.ussg.iu.edu/hypermail/linu...
Reported: 2003-04-16 15:50 EDT by Chris Gottbrath
Modified: 2005-10-31 17:00 EST (History)
Doc Type: Bug Fix
Last Closed: 2004-09-30 11:40:48 EDT
Description Chris Gottbrath 2003-04-16 15:50:00 EDT
As previously reported on kernel mailing list.

http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0137.html

The security update causes serious problems with the
TotalView debugger.

Any word on when a fixed set of kernel rpms will be available?

Currently we are instructing our customers as follows, however an RPM update
that applies Alan's suggested fix would be greatly appreciated:


  * A kernel update RPM package was released for RedHat 7.1, 7.2, 7.3,
    and 8.0 to address a vulnerability in ptrace.  This fix introduced
    a new bug in the kernel which causes TotalView to crash and
    introduces other kernel stability problems.  The kernel developers
    have located the problem and a new fix should be forthcoming.

    If you are experiencing this problem and build your own Linux
    kernels, the solution is to change the definition of "is_dumpable"
    in include/linux/sched.h from:

      #define is_dumpable(tsk)  ((tsk)->task_dumpable && (tsk)->mm->dumpable)

    to this corrected definition:

      #define is_dumpable(tsk)  ((tsk)->task_dumpable && (tsk)->mm && (tsk)->mm->dumpable)


    The affected RedHat RPM packages are listed below and should not
    be installed:

        Red Hat Linux 7.1
        ---------------------------------------
        kernel-2.4.18-27.7.x.src.rpm
        kernel-2.4.18-27.7.x.athlon.rpm
        kernel-smp-2.4.18-27.7.x.athlon.rpm
        kernel-2.4.18-27.7.x.i386.rpm
        kernel-BOOT-2.4.18-27.7.x.i386.rpm
        kernel-doc-2.4.18-27.7.x.i386.rpm
        kernel-source-2.4.18-27.7.x.i386.rpm
        kernel-2.4.18-27.7.x.i586.rpm
        kernel-smp-2.4.18-27.7.x.i586.rpm
        kernel-2.4.18-27.7.x.i686.rpm
        kernel-bigmem-2.4.18-27.7.x.i686.rpm
        kernel-debug-2.4.18-27.7.x.i686.rpm
        kernel-smp-2.4.18-27.7.x.i686.rpm

        Red Hat Linux 7.2
        ---------------------------------------
        kernel-2.4.18-27.7.x.src.rpm
        kernel-2.4.18-27.7.x.athlon.rpm
        kernel-smp-2.4.18-27.7.x.athlon.rpm
        kernel-2.4.18-27.7.x.i386.rpm
        kernel-BOOT-2.4.18-27.7.x.i386.rpm
        kernel-doc-2.4.18-27.7.x.i386.rpm
        kernel-source-2.4.18-27.7.x.i386.rpm
        kernel-2.4.18-27.7.x.i586.rpm
        kernel-smp-2.4.18-27.7.x.i586.rpm
        kernel-2.4.18-27.7.x.i686.rpm
        kernel-bigmem-2.4.18-27.7.x.i686.rpm
        kernel-debug-2.4.18-27.7.x.i686.rpm
        kernel-smp-2.4.18-27.7.x.i686.rpm

        Red Hat Linux 7.3
        ---------------------------------------
        kernel-2.4.18-27.7.x.src.rpm
        kernel-2.4.18-27.7.x.athlon.rpm
        kernel-smp-2.4.18-27.7.x.athlon.rpm
        kernel-2.4.18-27.7.x.i386.rpm
        kernel-BOOT-2.4.18-27.7.x.i386.rpm
        kernel-doc-2.4.18-27.7.x.i386.rpm
        kernel-source-2.4.18-27.7.x.i386.rpm
        kernel-2.4.18-27.7.x.i586.rpm
        kernel-smp-2.4.18-27.7.x.i586.rpm
        kernel-2.4.18-27.7.x.i686.rpm
        kernel-bigmem-2.4.18-27.7.x.i686.rpm
        kernel-debug-2.4.18-27.7.x.i686.rpm
        kernel-smp-2.4.18-27.7.x.i686.rpm

        Red Hat Linux 8.0
        ---------------------------------------
        kernel-2.4.18-27.8.0.src.rpm
        kernel-2.4.18-27.8.0.athlon.rpm
        kernel-smp-2.4.18-27.8.0.athlon.rpm
        kernel-2.4.18-27.8.0.i386.rpm
        kernel-BOOT-2.4.18-27.8.0.i386.rpm
        kernel-doc-2.4.18-27.8.0.i386.rpm
        kernel-source-2.4.18-27.8.0.i386.rpm
        kernel-2.4.18-27.8.0.i586.rpm
        kernel-smp-2.4.18-27.8.0.i586.rpm
        kernel-2.4.18-27.8.0.i686.rpm
        kernel-bigmem-2.4.18-27.8.0.i686.rpm
        kernel-debug-2.4.18-27.8.0.i686.rpm
        kernel-smp-2.4.18-27.8.0.i686.rpm
Comment 1 Chris Gottbrath 2003-04-16 15:56:35 EDT
Actually I should have said as reported "in the thread" 

http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0137.html

the post that is most relevant to our specific problems with this
patch is 

http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0601.html

From the user's perspective trying to use TotalView on any 
target results in TotalView getting quite violently killed
by the kernel when the kernel oopses trying to fulfill a ptrace
call. It is not obvious to users that the problem is a kernel 
bug as opposed to a TotalView bug. 

Thanks,
Chris
Comment 2 Blake Carlson 2003-05-08 15:39:45 EDT
The security update kernel being shipped to address the ptrace exploit is
faulty.  It causes a kernel oops whenever doing a ptrace call on a zombie
process.  While the effect is quite clear in the Etnus TotalView debugger
causing the debugger to crash, the problem ought to be a concern to all users. 
It also causes a stability problem on heavily loaded machines as documented here:

http://www.ussg.iu.edu/hypermail/linux/kernel/0304.0/0137.html

This ought to be of particular interest to RedHat who wants to provide a stable
and secure platform for all users!

The fix is simple, safe, and correct.  When should we plan to see a kernel
update for the affected RPM kernel packages?

For easy testing, you may download TotalView and a trial license from
http://www.etnus.com to observe the severity of the problem.  Etnus has had
several users report this problem so this is a particularly urgent issue in our
opinion.
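
Added example (not part of the original report, and not kernel source): a user-space C model of the two is_dumpable definitions quoted in the description, showing why the shipped one faults on a zombie as comment 2 describes. The struct types, probe() and run_case() are hypothetical stand-ins; a zombie is modelled as a task whose mm pointer is NULL, the case the corrected macro tests for.

```c
#include <stdio.h>
#include <stddef.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Simplified stand-ins for the kernel structures (assumption). */
struct mm_model   { int dumpable; };
struct task_model { int task_dumpable; struct mm_model *mm; };

/* Definition in the security update, as quoted in the report. */
#define is_dumpable_shipped(tsk) \
    ((tsk)->task_dumpable && (tsk)->mm->dumpable)
/* Corrected definition from the report: check mm before using it. */
#define is_dumpable_fixed(tsk) \
    ((tsk)->task_dumpable && (tsk)->mm && (tsk)->mm->dumpable)

/* Evaluate one macro in a child process so that a fault cannot take
 * down the caller. Returns 0 or 1 (macro value), -1 if the child
 * crashed, -2 if fork/waitpid failed. */
static int probe(int use_fixed, struct task_model *t)
{
    pid_t pid = fork();
    if (pid < 0)
        return -2;
    if (pid == 0) {
        struct task_model *volatile p = t;  /* keep the loads opaque */
        int r = use_fixed ? is_dumpable_fixed(p) : is_dumpable_shipped(p);
        _exit(r ? 11 : 10);                 /* distinct from crash codes */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -2;
    if (WIFEXITED(status) &&
        (WEXITSTATUS(status) == 10 || WEXITSTATUS(status) == 11))
        return WEXITSTATUS(status) - 10;
    return -1;                              /* killed by a signal */
}

/* Build a constructed sample task; zombie != 0 means mm == NULL. */
int run_case(int use_fixed, int zombie)
{
    struct mm_model mm = { 1 };
    struct task_model t = { 1, zombie ? NULL : &mm };
    return probe(use_fixed, &t);
}

int main(void)
{
    printf("live task:   shipped=%d fixed=%d\n", run_case(0, 0), run_case(1, 0));
    printf("zombie task: shipped=%d fixed=%d\n", run_case(0, 1), run_case(1, 1));
    return 0;
}
```

In user space the NULL dereference kills only the child process; in the kernel the same dereference happens inside the ptrace call path, which is the oops the reporters describe.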
Comment 3 Chris Gottbrath 2003-05-27 15:52:16 EDT
HELLOOOOOOOOOOOO!

This is a simple one. Is anyone listening?

Comment 4 Neil Thompson 2003-06-03 03:35:19 EDT
I'm also having problems with kernel-2.4.20-13.7 on RHL7.3.  I've been trying to
get a core dump out of squid for a while so I can send stacktraces to the squid
developers without success.  gdb also wouldn't allow me to do a backtrace when
running squid under gdb.  I have reverted the two ptrace patches in 2.4.20-13.7
and everything works properly now.  
Of course, I'm going to have to put them back when I am finished debugging the
squid problem.  This is extremely inconvenient on a production box.
Comment 5 Joe Orton 2003-07-08 12:57:25 EDT
Fixes are available for 8.0 and 9 at least, see bug 89057, not sure about 7.x.
Comment 6 Jarek Polok 2003-07-09 03:24:03 EDT
Seems to be fixed for 7.X in the 2.4.20-18.7 kernel update as well ... 
Comment 7 Bugzilla owner 2004-09-30 11:40:48 EDT
Thanks for the bug report. However, Red Hat no longer maintains this version of
the product. Please upgrade to the latest version and open a new bug if the problem
persists.

The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, 
and if you believe this bug is interesting to them, please report the problem in
the bug tracker at: http://bugzilla.fedora.us/
