Debian Bug report logs -
#816154
initramfs-tools-core: lsinitramfs causes zcat crash when Intel microcode is included in initrd
Reported by: Ron Murray <rjmx@rjmx.net>
Date: Thu, 25 Feb 2016 17:03:01 UTC
Severity: important
Tags: security
Done: Bdale Garbee <bdale@gag.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian kernel team <debian-kernel@lists.debian.org>:
Bug#815915; Package initramfs-tools-core.
(Thu, 25 Feb 2016 17:03:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Ron Murray <rjmx@rjmx.net>:
New Bug report received and forwarded. Copy sent to Debian kernel team <debian-kernel@lists.debian.org>.
(Thu, 25 Feb 2016 17:03:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: initramfs-tools-core
Version: 0.123
Severity: normal
Dear Maintainer,
When using lsinitramfs to check the contents of an initrd:
> root:~# lsinitramfs /boot/initrd.img-4.4.2
> /boot/initrd.img-4.4.2-curly-0
> kernel
> kernel/x86
> kernel/x86/microcode
> kernel/x86/microcode/GenuineIntel.bin
> *** Error in `zcat': double free or corruption (!prev): 0x0000000002236940 ***
lsinitramfs runs fine on my AMD boxes.
It seems that Ubuntu has at least two reports of this: see their bug
numberss 1541076 and 1507443. I don't see a Debian bug report on it, though.
-- System Information:
Debian Release: stretch/sid
APT prefers testing-updates
APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.4.2-curly-0 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages initramfs-tools-core depends on:
ii cpio 2.11+dfsg-5
ii klibc-utils 2.0.4-8
ii kmod 22-1
ii udev 228-6
Versions of packages initramfs-tools-core recommends:
ii busybox 1:1.22.0-18
Versions of packages initramfs-tools-core suggests:
pn bash-completion <none>
-- Configuration Files:
/etc/initramfs-tools/initramfs.conf changed:
MODULES=most
BUSYBOX=y
KEYMAP=n
COMPRESS=gzip
DEVICE=
NFSROOT=auto
-- no debconf information
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian kernel team <debian-kernel@lists.debian.org>:
Bug#815915; Package initramfs-tools-core.
(Sun, 28 Feb 2016 04:57:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Ben Hutchings <ben@decadent.org.uk>:
Extra info received and forwarded to list. Copy sent to Debian kernel team <debian-kernel@lists.debian.org>.
(Sun, 28 Feb 2016 04:57:04 GMT) (full text, mbox, link).
Message #10 received at 815915@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: severity -1 important
Control: clone -1 -2
Control: reassign -2 gzip
Control: tag -2 security
On Thu, 2016-02-25 at 11:51 -0500, Ron Murray wrote:
> Package: initramfs-tools-core
> Version: 0.123
> Severity: normal
>
> Dear Maintainer,
>
> When using lsinitramfs to check the contents of an initrd:
>
> > root:~# lsinitramfs /boot/initrd.img-4.4.2
> > /boot/initrd.img-4.4.2-curly-0
> > kernel
> > kernel/x86
> > kernel/x86/microcode
> > kernel/x86/microcode/GenuineIntel.bin
> > *** Error in `zcat': double free or corruption (!prev): 0x0000000002236940 ***
>
> lsinitramfs runs fine on my AMD boxes.
>
> It seems that Ubuntu has at least two reports of this: see their bug
> numberss 1541076 and 1507443. I don't see a Debian bug report on it, though.
The crash is a bug in zcat. But presumably we are also not invoking it
correctly.
Ben.
--
Ben Hutchings
Every program is either trivial or else contains at least one bug
[signature.asc (application/pgp-signature, inline)]
Severity set to 'important' from 'normal'
Request was from Ben Hutchings <ben@decadent.org.uk>
to 815915-submit@bugs.debian.org.
(Sun, 28 Feb 2016 04:57:04 GMT) (full text, mbox, link).
Bug 815915 cloned as bug 816154
Request was from Ben Hutchings <ben@decadent.org.uk>
to 815915-submit@bugs.debian.org.
(Sun, 28 Feb 2016 04:57:05 GMT) (full text, mbox, link).
Bug reassigned from package 'initramfs-tools-core' to 'gzip'.
Request was from Ben Hutchings <ben@decadent.org.uk>
to 815915-submit@bugs.debian.org.
(Sun, 28 Feb 2016 04:57:06 GMT) (full text, mbox, link).
No longer marked as found in versions initramfs-tools/0.123.
Request was from Ben Hutchings <ben@decadent.org.uk>
to 815915-submit@bugs.debian.org.
(Sun, 28 Feb 2016 04:57:07 GMT) (full text, mbox, link).
Added tag(s) security.
Request was from Ben Hutchings <ben@decadent.org.uk>
to 815915-submit@bugs.debian.org.
(Sun, 28 Feb 2016 04:57:08 GMT) (full text, mbox, link).
Reply sent
to Bdale Garbee <bdale@gag.com>:
You have taken responsibility.
(Sun, 29 Jul 2018 03:00:03 GMT) (full text, mbox, link).
Notification sent
to Ron Murray <rjmx@rjmx.net>:
Bug acknowledged by developer.
(Sun, 29 Jul 2018 03:00:03 GMT) (full text, mbox, link).
Message #25 received at 816154-done@bugs.debian.org (full text, mbox, reply):
This but cannot be reproduced with current gzip. In fact, after trying
various combinations, it seems likely the original problem was actually
due to zutils being installed and delivering an unconditional override of
the zcat in gzip with a buggy executable. See Debian bug #902936 for more
details.
I'm closing this bug with no further action taken.
Bdale
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 26 Aug 2018 07:27:54 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jul 24 07:58:30 2024;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.