[Bug 2069821] Re: [VROC] [Ub 24.04] mdadm: buffer overflow detected

Hector CAO 2069821 at bugs.launchpad.net
Thu Aug 15 14:53:18 UTC 2024


** Changed in: mdadm (Ubuntu Noble)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mdadm in Ubuntu.
https://bugs.launchpad.net/bugs/2069821

Title:
  [VROC] [Ub 24.04] mdadm: buffer overflow detected

Status in mdadm package in Ubuntu:
  Fix Released
Status in mdadm source package in Noble:
  In Progress
Status in mdadm source package in Oracular:
  Fix Released

Bug description:
  [ Impact ]

  mdadm crashes sporadically with error *** buffer overflow detected ***
  at some invocations:

  - mdadm --detail-pl
  - mdadm -CR /dev/md0 -l1 -n2 /dev/nvme0n1 /dev/nvme1n1
  *** buffer overflow detected ***: terminated
  Aborted (core dumped)

  [ Test Plan ]

  - Install mdadm
  - Issue this command several times:
  mdadm --detail-pl

  [ Where problems could occur ]

  The fix is very small: basically, it replaces the unsafe sprintf function
  calls with snprintf calls for Intel platforms (platform_intel.c).
  I do not expect high regression risk.

  [ Other Info ]

  mdadm is built with FORTIFY_SOURCE=3 (as is done in Ubuntu 24.04),
  and it uses the unsafe function sprintf(), which will cause the
  buffer-overflow error.

  It is fixed in mdadm upstream:
  https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=827e1870f320545796d907f50af594e901399417

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/2069821/+subscriptions
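
The kind of change the bug description refers to (an unbounded sprintf() replaced by a bounded snprintf() whose return value is checked for truncation), as an added example that is not part of the original message and is not mdadm's code. The helper names and the sample sysfs-style path are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical helpers, not taken from mdadm's platform_intel.c.
 *
 * An unbounded call such as sprintf(buf + off, "/%s", component) writes
 * however many bytes the format produces. When built with _FORTIFY_SOURCE,
 * glibc's checked sprintf aborts the process with
 * "*** buffer overflow detected ***" if that exceeds the destination size
 * the compiler determined. snprintf takes the remaining space explicitly
 * and reports truncation through its return value instead.
 */

/* Append "/<component>" at offset *off. Returns 0 on success, -1 if it
 * would not fit; on failure buf keeps its previous, NUL-terminated content. */
static int path_append(char *buf, size_t bufsz, size_t *off,
                       const char *component)
{
    if (*off >= bufsz)
        return -1;
    size_t room = bufsz - *off;
    int n = snprintf(buf + *off, room, "/%s", component);
    if (n < 0 || (size_t)n >= room) {
        buf[*off] = '\0';          /* roll back the partial write */
        return -1;
    }
    *off += (size_t)n;
    return 0;
}

/* Build "<root>/<a>/<b>" in out. Returns the length, or -1 on truncation. */
int build_path(char *out, size_t outsz, const char *root,
               const char *a, const char *b)
{
    int n = snprintf(out, outsz, "%s", root);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz)
            out[0] = '\0';
        return -1;
    }
    size_t off = (size_t)n;
    if (path_append(out, outsz, &off, a) || path_append(out, outsz, &off, b))
        return -1;
    return (int)off;
}
```

A caller treats -1 as an error path rather than using the buffer, so an over-long name becomes a handled failure instead of an abort.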



