Path: blob/main/website/static/security/advisories/FreeBSD-EN-09:04.fork.asc
18093 views
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-EN-09:04.fork Errata Notice
The FreeBSD Project
Topic: Deadlock in a multi-threaded program during fork(2)
Category: core
Module: libc
Announced: 2009-06-24
Credits: Konstantin Belousov <[email protected]>,
Max Brazhnikov <[email protected]>
Affects: FreeBSD 7.2
Corrected: 2009-05-03 17:51:38 (RELENG_7, 7.2-STABLE)
2009-06-24 05:28:09 (RELENG_7_2, 7.2-RELEASE-p2)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.
I. Background
fork(2) is a system call which causes creation of a new process.
FreeBSD supports invoking the malloc(3) function during the fork(2) in
a process running in threaded mode which involves locking of the memory
allocator.
II. Problem Description
A lock order reversal has been found in the interaction between the
malloc(3) implementation and threading library. When a multi-threaded
process calls the fork(2) system call in a thread and the malloc(3)
function in another thread it can cause a deadlock in the child
process.
III. Impact
A multi-threaded program that calls fork(2) in a thread and malloc(3)
in another thread can make the child process stop unintentionally.
There is no direct impact on the other processes or the kernel.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 7-STABLE or to the RELENG_7_2
security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 7.2 system.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/EN-09:04/fork.patch
# fetch http://security.FreeBSD.org/patches/EN-09:04/fork.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/libc
# make obj && make depend && make && make install
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
CVS:
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_7
src/lib/libc/stdlib/malloc.c 1.147.2.7
RELENG_7_2
src/UPDATING 1.507.2.23.2.5
src/sys/conf/newvers.sh 1.72.2.11.2.6
src/lib/libc/stdlib/malloc.c 1.147.2.6.2.2
- -------------------------------------------------------------------------
Subversion:
Branch/path Revision
- -------------------------------------------------------------------------
stable/7/ r191767
releng/7.2/ r194808
- -------------------------------------------------------------------------
VII. References
The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-09:04.fork.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)
iEYEARECAAYFAkpBvBsACgkQFdaIBMps37LnLQCeNw8Es9R9X8QySoZni2JQ9Kma
N+8An3Ff/bB4l3dvgfAa0rAA+TjbfQBV
=8YtE
-----END PGP SIGNATURE-----