[Touch-packages] [Bug 2026757] Re: dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates
Using instructions at https://askubuntu.com/questions/41610/how-do-i-
rebuild-a-package-to-include-debugging-information built a package with
working debug symbols.
(gdb) bt
#0 0x7f21c90499fc in pthread_kill () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x7f21c8ff5476 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x7f21c8fdb7f3 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#3 0x7f21c903c676 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#4 0x7f21c9053cfc in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#5 0x7f21c9055a54 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#6 0x7f21c9058453 in free () from /lib/x86_64-linux-gnu/libc.so.6
#7 0x55ea8f653810 in dhcp_netid_free (nid=0x800ba) at
/home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:1333
#8 0x55ea8f6538df in dhcp_netid_list_free (netid=0x0) at
/home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:1363
#9 0x55ea8f653956 in dhcp_config_free (config=0x55ea90bc0050)
at /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:1381
#10 0x55ea8f661868 in clear_dynamic_conf () at
/home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:5777
#11 0x55ea8f661947 in reread_dhcp () at
/home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:5818
#12 0x55ea8f6737b7 in clear_cache_and_reload (now=1709322392)
at /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/dnsmasq.c:1738
#13 0x55ea8f672db5 in async_event (pipe=17, now=1709322392)
at /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/dnsmasq.c:1482
#14 0x55ea8f6725aa in main (argc=17, argv=0x7ffe73b7b4c8)
at /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/dnsmasq.c:1224
(gdb) frame 9
#9 0x55ea8f653956 in dhcp_config_free (config=0x55ea90bc0050)
at /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:1381
1381in /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c
(gdb) p *config->netid->list
$17 = {net = 0x55efce12bef0 , next = 0xa03b9e2eb1d772d3}
(gdb) p *config->netid->list->next
Cannot access memory at address 0xa03b9e2eb1d772d3
(gdb) frame 10
#10 0x55ea8f661868 in clear_dynamic_conf () at
/home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c:5777
5777in /home/ubuntu/dnsmasq/dnsmasq-2.90/debian/build/no-lua/option.c
(gdb) info locals
configs = 0x55ea90bc0050
cp = 0x55ea90bbd220
up = 0x55ea90baefd8
(gdb) p *cp
$19 = {flags = 2096, clid_len = 0, clid = 0x0, hostname = 0x55ea90bbd2c0
"host-10-1-0-7", domain = 0x55ea90bbd2ce "openstacklocal",
netid = 0x55ea90bbd2f0, filter = 0x0, addr6 = 0x0, addr = {s_addr =
117440778}, decline_time = 0, lease_time = 0,
hwaddr = 0x55ea90bbd290, next = 0x55ea90bbd0f0}
(gdb) p *configs
$20 = {flags = 2096, clid_len = 0, clid = 0x0, hostname = 0x55ea90bc00c0
"host-10-1-0-62",
domain = 0x55ea90bc00cf "openstacklocal", netid = 0x55ea90bc00f0, filter =
0x0, addr6 = 0x0, addr = {s_addr = 1040187658},
decline_time = 0, lease_time = 0, hwaddr = 0x55ea90bbd370, next =
0x55ea90bbd220}
(gdb) p *configs->netid
$21 = {list = 0x55ea90bc0110, next = 0x0}
(gdb) p *configs->netid->list
$22 = {net = 0x55efce12bef0 , next = 0xa03b9e2eb1d772d3}
(gdb) p *cp->netid->list
$23 = {net = 0x55ea90bbd330 "port-f3c2ed23-d032-40ec-bd9e-55b1f0fe22f4", next =
0x7ffe73b7af00}
There happens some memory corruption, but hard to say what might be its
cause. Not yet clear to me.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/2026757
Title:
dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates
Status in Ironic:
Triaged
Status in neutron:
New
Status in dnsmasq package in Ubuntu:
Invalid
Status in dnsmasq source package in Jammy:
Incomplete
Status in dnsmasq source package in Kinetic:
Won't Fix
Status in dnsmasq source package in Lunar:
Invalid
Status in dnsmasq source package in Mantic:
Invalid
Bug description:
The Ironic project's CI has been having major blocking issues moving
to utilizing Ubuntu Jammy and with some investigation we were able to
isolate the issues down to the dhcp updates causing dnsmasq to crash
on Ubuntu Jammy, which ships with dnsmasq 2.86. This issue sounds
similar to an issue known about to the dnsmasq maintainers, where
dnsmasq would crash with updates occurring due to configuration
refresh[0].
This resulted in us upgrading dnsmasq to the version which ships with
Ubuntu Lunar.
Which was no better. Dnsmasq still crashed upon record updates for
addresses and ports getting configuration added/changed/removed.
We later downgraded to the version of dnsmasq shipped in Ubuntu Focal,
and dnsmasq stopped crashing and appeared stable enough to utilize for
CI purposes.
** Kernel log from Ubuntu Jammy Package **
[229798.876726] dnsmasq[81586]: segfault at 7c28 ip 7f6e8313147e sp
7fffb3d6f830 error 4
[Touch-packages] [Bug 2026757] Re: dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates
Coredump obtained from dnsmasq-base_2.90-0ubuntu0.22.04.1_amd64.deb ** Attachment added: "core.dnsmasq.65534.9aed02ce9d8a44b9845ff26acd24ad62.34.170932239200.zst" https://bugs.launchpad.net/ironic/+bug/2026757/+attachment/5751334/+files/core.dnsmasq.65534.9aed02ce9d8a44b9845ff26acd24ad62.34.170932239200.zst -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/2026757 Title: dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates Status in Ironic: Triaged Status in neutron: New Status in dnsmasq package in Ubuntu: Invalid Status in dnsmasq source package in Jammy: Incomplete Status in dnsmasq source package in Kinetic: Won't Fix Status in dnsmasq source package in Lunar: Invalid Status in dnsmasq source package in Mantic: Invalid Bug description: The Ironic project's CI has been having major blocking issues moving to utilizing Ubuntu Jammy and with some investigation we were able to isolate the issues down to the dhcp updates causing dnsmasq to crash on Ubuntu Jammy, which ships with dnsmasq 2.86. This issue sounds similar to an issue known about to the dnsmasq maintainers, where dnsmasq would crash with updates occurring due to configuration refresh[0]. This resulted in us upgrading dnsmasq to the version which ships with Ubuntu Lunar. Which was no better. Dnsmasq still crashed upon record updates for addresses and ports getting configuration added/changed/removed. We later downgraded to the version of dnsmasq shipped in Ubuntu Focal, and dnsmasq stopped crashing and appeared stable enough to utilize for CI purposes. ** Kernel log from Ubuntu Jammy Package ** [229798.876726] dnsmasq[81586]: segfault at 7c28 ip 7f6e8313147e sp 7fffb3d6f830 error 4 in libc.so.6[7f6e830b4000+195000] [229798.876745] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [229805.444912] dnsmasq[401428]: segfault at dce8 ip 7fe63bf6a47e sp 7ffdb105b440 error 4 in libc.so.6[7fe63beed000+195000] [229805.444933] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [230414.213448] dnsmasq[401538]: segfault at 78b8 ip 7f12160e447e sp 7ffed6ef2190 error 4 in libc.so.6[7f1216067000+195000] [230414.213467] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [230465.098989] dnsmasq[402665]: segfault at c378 ip 7f81458f047e sp 7fff0db334a0 error 4 in libc.so.6[7f8145873000+195000] [230465.099005] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [231787.247374] dnsmasq[402863]: segfault at 7318 ip 7f3940b9147e sp 7ffc8df4f010 error 4 in libc.so.6[7f3940b14000+195000] [231787.247392] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [231844.886399] dnsmasq[405182]: segfault at dc58 ip 7f32a29e147e sp 7ffddedd7480 error 4 in libc.so.6[7f32a2964000+195000] [231844.886420] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [234692.482154] dnsmasq[405289]: segfault at 67d8 ip 7fab0c5c447e sp 7fffd6fd8fa0 error 4 in libc.so.6[7fab0c547000+195000] [234692.482173] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a ** Kernel log entries from Ubuntu Lunar package ** [234724.842339] dnsmasq[409843]: segfault at fffd ip 7f35a147647e sp 7ffd536038c0 error 5 in libc.so.6[7f35a13f9000+195000] [234724.842368] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a [234784.918116] dnsmasq[410019]: segfault at fffd ip 7f634233947e sp 7fff33877f20 error 5 in libc.so.6[7f63422bc000+195000] [234784.918133] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b
[Touch-packages] [Bug 2027797] [NEW] systemd-resolved DNSSEC implementation does not protect against cache poisoning
*** This bug is a security vulnerability *** Public security bug reported: Steps required are at upstream issue https://github.com/systemd/systemd/issues/25676 Unfortunately it has been reported publicly for 3 years in https://github.com/systemd/systemd/issues/15158, so no embargo makes sense ** Affects: systemd (Ubuntu) Importance: Undecided Status: New ** Tags: dnssec ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/2027797 Title: systemd-resolved DNSSEC implementation does not protect against cache poisoning Status in systemd package in Ubuntu: New Bug description: Steps required are at upstream issue https://github.com/systemd/systemd/issues/25676 Unfortunately it has been reported publicly for 3 years in https://github.com/systemd/systemd/issues/15158, so no embargo makes sense To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2027797/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2027797] Re: systemd-resolved DNSSEC implementation does not protect against cache poisoning
Because systemd-resolved is preinstalled not only on desktop, but also server variant, I expect some people may decide to protect their dns cache. Unfortunately it does not tell them it won't work. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/2027797 Title: systemd-resolved DNSSEC implementation does not protect against cache poisoning Status in systemd package in Ubuntu: New Bug description: Steps required are at upstream issue https://github.com/systemd/systemd/issues/25676 Unfortunately it has been reported publicly for 3 years in https://github.com/systemd/systemd/issues/15158, so no embargo makes sense To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2027797/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
