The verification of the Stable Release Update for lxc has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/2081762 Title: [SRU] lxc-excecute NULL pointer dereference causes segfault when sharing rootfs with host Status in lxc: Fix Released Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Noble: Fix Released Status in lxc source package in Oracular: Fix Released Status in lxc source package in Plucky: Fix Released Status in lxc package in Debian: New Bug description: [ Impact ] lxc-execute will crash with a segfault if the user tries to use the host rootfs as a shared rootfs. $ sudo lxc-execute -n lxc-test-1 -f lxc.conf -l TRACE -- ls /usr Segmentation fault [ Test Plan ] install lxc $ cat > lxc.conf <<EOF lxc.uts.name=lxc-test-1 lxc.net.0.type = empty lxc.console.path = none lxc.tty.max = 1 lxc.pty.max = 128 lxc.mount.auto = proc:rw sys cgroup lxc.autodev = 1 EOF $ sudo lxc-execute -n lxc-test-1 -f lxc.conf -l TRACE -- ls /usr If the package is fixed, it will display output from 'ls'. [ Where problems could occur ] This is an upstream patch which is only checking if a pointer is not NULL before dereferencing it. There is no other change in the code apart from this pointer check. There is very minimum chance of any regression due to this change. [ Other Info ] It is now fixed in Plucky. Even though Debian has an updated 1:6.0.2-1, but the issue is still reproducible on Debian. [ Original Bug Description ] lsb_release -rd: Description: Ubuntu 24.04.1 LTS Release: 24.04 lxc-start --version: 5.0.3 Issue: lxc-execute segfaults when using a shared host rootfs due to a NULL pointer deference. In lxc/src/lxc/conf.c - lines 339 - 344 The call to lxc_storage_prepare detects no rootfs path and returns without calling storage_init In lxc/src/lxc/conf.c - lines 293 - 310 leaving rootfs->storage null. Then dereferencing rootfs->storage->type causes a segfault. Steps to reproduce: 1. use lxc.conf: lxc.uts.name=lxc-test-1 lxc.net.0.type = empty lxc.console.path = none lxc.tty.max = 1 lxc.pty.max = 128 lxc.mount.auto = proc:rw sys cgroup lxc.autodev = 1 2. Run: $ sudo lxc-execute -n lxc-test-1 -f lxc.conf -l TRACE -- ls /dev Segmentation fault I've attached a patch as a possible fix. Running the same example above with the patch applied runs without crashing. To manage notifications about this bug go to: https://bugs.launchpad.net/lxc/+bug/2081762/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp