| hans_ | seems something got messed up when you tried to fix CVE2021-21703 for ubuntu20.04, because the POC code still causes php-fpm segfaults on 20.04, suggesting its not fixed: https://github.com/cfreal/exploits/blob/master/php-SplDoublyLinkedList-offsetUnset/exploit.php | 09:21 |
|---|---|---|
| tomreyn | https://bugs.launchpad.net/ubuntu/+source/php7.4/7.4.3-4ubuntu2.7 | 09:32 |
| hans_ | ok, made a bugreport on it, https://bugs.launchpad.net/ubuntu/+source/php-defaults/+bug/1953244 | 09:43 |
| hans_ | tomreyn, thanks | 09:43 |
| tomreyn | hans_: thanks. i'm not sure that#s the right package, though | 09:45 |
| tomreyn | you may be able to reassign it to "php7.4" | 09:45 |
| hans_ | oh? well it's a bug between how the php-fpm master process (which runs as root) communicates with the php-fpm child/worker processes (which runs as www-data) and.. | 09:45 |
| hans_ | they share some memory which can be corrupted by the child and cause the master/root fpm to execute it and stuff | 09:46 |
| hans_ | idk | 09:46 |
| tomreyn | i think php-defaults is the package which the php version specific packages in ubuntu releases depend on. | 09:47 |
| tomreyn | i.e., in focal (20.04), the "php-fpm" binary package is one of the packages built from the "php-defaults" source package, but the (actual) FPM binary package "php7.4-fpm" is built from source package "php7.4" | 09:50 |
| tomreyn | hans_: note that your bug report is currently only visible to the security team because you (correctly, for all we know) pointed out that it has security impact. on the other hand, it's a publicly known vulnerability, the apparent fact that it is unpatched in 20.04 LTS was openly discussed on IRC (with public logs) and you may therefore want to make the bug report public as well. | 09:54 |
| hans_ | well i g2g, but i think the right people has been notified that -something- is wrong, that's a good start ^^ | 10:01 |
| amurray | leosilva: can you take a look at the php-fpm stuff from above ^^^ (https://bugs.launchpad.net/ubuntu/+source/php-defaults/+bug/1953244) - thanks :) | 22:52 |
| ubottu | Launchpad bug 1953244 in php-defaults (Ubuntu) "CVE2021-21703 POC still cause segfault on php-fpm 7.4.3-4ubuntu2.7" [Undecided, New] | 22:52 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!