[Samba] ctdb, raw sockets and CVE-2015-8543
Amitay Isaacs
amitay at gmail.com
Fri Jan 29 00:08:45 UTC 2016
Hi,
On Wed, Jan 27, 2016 at 9:51 PM, Adi Kriegisch <adi at cg.tuwien.ac.at> wrote:
> Hi!
>
> A recent kernel security update[1] caused some issues with our ctdb
> cluster; messages like:
> | We are still serving a public IP 'x.x.x.x' that we should not be
> serving. Removing it
> | common/system_common.c:89 failed to open raw socket (Invalid argument)
> | Could not find which interface the ip address is hosted on. can not
> release it
> and
> | common/system_linux.c:344 failed to open raw socket (Invalid argument)
>
> The corresponding parts in ctdb's code look like this:
> | s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
> converting IPPROTO_RAW to 0xff00 (from strace):
> | socket(PF_INET, SOCK_RAW, 0xff00 /* IPPROTO_??? */) = -1 EINVAL
> (Invalid argument)
>
> Removing htons() from both calls seems to fix the issue for us. Is it
> possible that the call to htons is just wrong and should be removed?
>
> -- Adi
>
> [1] https://security-tracker.debian.org/tracker/CVE-2015-8543
>
Thanks for reporting the issue. Yes, htons() in socket() call is wrong and
should be removed.
Can you create a bug report on bugzilla.samba.org against CTDB?
Thanks.
Amitay.
More information about the samba
mailing list