2016-02-01 17:29 GMT+01:00 Adi Kriegisch <a...@kriegisch.at>:
> Package: ctdb
> Severity: grave
> Tags: patch,upstream
>
> Hi!
>
> The kernel upgrade for CVE-2015-8543 showed a bug in CTDB that leads to a
> broken cluster:
> | s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
> htons(IPPROTO_RAW) leads to 0xff00 which causes "-1 EINVAL (Invalid
> argument)" because of CVE-2015-8543.
> The fix for the issue is quite simple: remove IPPROTO_RAW; to make the fix
> more consistent with what was used before, use IPPROTO_IP (which is 0).
>
> Error messages related to this bug are:
> | We are still serving a public IP 'x.x.x.x' that we should not be serving.
> Removing it
> | common/system_common.c:89 failed to open raw socket (Invalid argument)
> | Could not find which interface the ip address is hosted on. can not
> release it
> and
> | common/system_linux.c:344 failed to open raw socket (Invalid argument)
> As a result, IP addresses cannot be released and multiple nodes in the
> cluster serve the same address, which obviously does not work.

Thank you so much for finding this bug! I was wondering why my clusters
were crazy, blaming the network itself.

> Upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=11705 and mailing
> list conversation:
> https://lists.samba.org/archive/samba/2016-January/197389.html

There are two sets of patches:
- yours, that basically keeps the same behavior as pre-CVE-2015-8543 (proto=0)
- Amitay's, that restores the intended behavior (proto=255)

Also, your patch only fixes 2 functions. Amitay's patch also fixes references
to ETHERTYPE_ARP (0x0806) and ETH_P_ALL (0x0003).

I think I'll go for Amitay's patch, which probably fixes a lot of weird
behaviors I've seen pre-CVE-2015-8543 (i.e. TCP connections not reset, IP not
properly relocated).

I plan to fix this for wheezy and jessie. stretch will come with the next
upstream release.

Given the importance of the bug, I think it can go thru -security.

Regards

--
Mathieu