Current state of the problem: Ubuntu kernel developers will prepare new patch in a few days (see https://lists.ubuntu.com/archives/ubuntu-devel- discuss/2017-June/017507.html).
John Johansen: "The kernel team is aware of the issue, and will be releasing updated kernels when they are available. There are currently no plans to revert the kernel patch until the replacement patches are ready due to the nature of the security vulnerability. If the regression is preventing you from using the applications you require then we currently recommend you reboot into the previous kernel." -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libreoffice in Ubuntu. https://bugs.launchpad.net/bugs/1699772 Title: linux-image-4.4.0-81-generic, linux-image-3.13.0-121-generic Regression: many user-space apps crashing Status in commons-daemon package in Ubuntu: Confirmed Status in eclipse package in Ubuntu: Confirmed Status in imagej package in Ubuntu: Confirmed Status in libreoffice package in Ubuntu: Confirmed Status in linux package in Ubuntu: Confirmed Status in octave package in Ubuntu: Confirmed Status in scilab package in Ubuntu: Confirmed Status in linux package in Debian: Unknown Bug description: Distribution: Ubuntu 16.04 x64 (Flavour: KDE Neon User Edition 5.10) linux-image-4.4.0-81-generic appears to contain a regression, probably related to the CVE-2017-1000364 fix backport / patch. Using this kernel, the Oracle Java browser plugin always crashes during stack-related actions on initialization. This means, the plugin completely stopped working. It works perfectly fine in linux-image-4.4.0-79-generic (vurlerable to CVE-2017-1000364) as well as linux-image-4.11.6-041106-generic, which also contains a fix for CVE-2017-1000364. uname -a: > Linux Zweiblum 4.4.0-81-generic #104-Ubuntu SMP Wed Jun 14 08:17:06 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I tested Oracle Java 1.8 u131 as well as 1.6 u64 in Firefox 51.0.1 as well as Iceweasel / Firefox/3.5.16 in a chroot. Using linux-image-4.4.0-81-generic it crashes in all combinations while with both other kernels it works. I was not able to obtain any detailed crash information from Firefox 51.0.1, but Iceweasel 3.5.16 crashed completely, allowing me to obtain a stack trace which shows the relation to stack operations performed by the plugin, even without proper debug symbols: > (gdb) bt full > #0 0x00007fa06d805307 in _expand_stack_to(unsigned char*) () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so > No symbol table info available. > #1 0x00007fa06d8053ae in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) () > from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so > No symbol table info available. > #2 0x00007fa06d80cf0b in JVM_handle_linux_signal () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so > No symbol table info available. > #3 0x00007fa06d802e13 in signalHandler(int, siginfo*, void*) () from /opt/java-8-oracle/jre/lib/amd64/server/libjvm.so > No symbol table info available. > #4 <signal handler called> I first assumed a bug in the Java plugin, but it works fine in Linux 4.11.6. The crash will be triggered by any applet, for example the test applet at: * https://java.com/en/download/installed8.jsp I'm running the Ubuntu 16.04 based KDE Neon distribution which somehow apparently does not allow me to use apport to report this bug: > $ LANG= apport-cli linux-image-4.4.0-81-generic > > *** Collecting problem information > > The collected information can be sent to the developers to improve the > application. This might take a few minutes. > ......... > > *** Problem in linux-image-4.4.0-81-generic > > The problem cannot be reported: > > This is not an official KDE package. Please remove any third party package and try again. If someone can tell me how to get apport working for this package, I can use it to collect additional information, but (unfortunately?) the problem should be fairly easy to reproduce... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/commons-daemon/+bug/1699772/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
