[Samba] ctdb, raw sockets and CVE-2015-8543

Amitay Isaacs amitay at gmail.com
Fri Jan 29 00:08:45 UTC 2016


On Wed, Jan 27, 2016 at 9:51 PM, Adi Kriegisch <adi at cg.tuwien.ac.at> wrote:

> Hi!
> A recent kernel security update[1] caused some issues with our ctdb
> cluster; messages like:
>   | We are still serving a public IP 'x.x.x.x' that we should not be
> serving. Removing it
>   | common/system_common.c:89 failed to open raw socket (Invalid argument)
>   | Could not find which interface the ip address is hosted on. can not
> release it
> and
>   | common/system_linux.c:344 failed to open raw socket (Invalid argument)
> The corresponding parts in ctdb's code look like this:
>   | s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
> converting IPPROTO_RAW to 0xff00 (from strace):
>   | socket(PF_INET, SOCK_RAW, 0xff00 /* IPPROTO_??? */) = -1 EINVAL
> (Invalid argument)
> Removing htons() from both calls seems to fix the issue for us. Is it
> possible that the call to htons is just wrong and should be removed?
> -- Adi
> [1] https://security-tracker.debian.org/tracker/CVE-2015-8543

Thanks for reporting the issue.  Yes, htons() in socket() call is wrong and
should be removed.

Can you create a bug report on bugzilla.samba.org against CTDB?


More information about the samba mailing list