chkutmp assert failure: *** stack smashing detected ***: ./chkutmp terminated

Bug #623144 reported by WaltSullivan
This bug affects 33 people
Affects              Status        Importance  Assigned to  Milestone
chkrootkit (Debian)  Fix Released  Unknown
chkrootkit (Ubuntu)  Fix Released  Medium      Unassigned
  Lucid              Won't Fix     Undecided   Unassigned

Bug Description

Binary package hint: chkrootkit

chkrootkit was running unseen, when this error popped up.

ProblemType: Crash
DistroRelease: Ubuntu 10.04
Package: chkrootkit 0.49-3
ProcVersionSignature: Ubuntu 2.6.32-24.39-generic 2.6.32.15+drm33.5
Uname: Linux 2.6.32-24-generic x86_64
Architecture: amd64
AssertionMessage: *** stack smashing detected ***: ./chkutmp terminated
Date: Sun Aug 22 16:03:10 2010
ExecutablePath: /usr/lib/chkrootkit/chkutmp
ProcCmdline: ./chkutmp
ProcEnviron:
 PATH=(custom, no user)
 LANG=C
 SHELL=/bin/sh
Signal: 6
SourcePackage: chkrootkit
StacktraceTop:
 *__GI_raise (sig=<value optimized out>)
 *__GI_abort () at abort.c:92
 __libc_message (do_abort=<value optimized out>,
 *__GI___fortify_fail (
 __stack_chk_fail () at stack_chk_fail.c:29
Title: chkutmp assert failure: *** stack smashing detected ***: ./chkutmp terminated
UserGroups: pulse pulse-access

Kees Cook (kees)
security vulnerability: yes → no
visibility: private → public
Chuck Short (zulcss) wrote :

Thanks for the bug report. Is this easily reproducible?

chuck

Changed in chkrootkit (Ubuntu):
importance: Undecided → Low
status: New → Incomplete
Apport retracing service (apport) wrote :

StacktraceTop:
 raise () from /lib/libc.so.6
 abort () from /lib/libc.so.6
 ?? () from /lib/libc.so.6
 __fortify_fail () from /lib/libc.so.6
 __stack_chk_fail () from /lib/libc.so.6

Apport retracing service (apport) wrote : Stacktrace.txt
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in chkrootkit (Ubuntu):
importance: Low → Medium
tags: removed: need-amd64-retrace
Dominik Stadler (dominik-stadler) wrote :

I have the same and get this every time I run "chkrootkit", what else do you need? BTW, I am also using 64-bit binaries here.

Changed in chkrootkit (Ubuntu):
status: Incomplete → New
Dominik Stadler (dominik-stadler) wrote :

The attached patch fixes this for me; there is a very simple error with mixing up the defines UT_LINESIZE (=32) and UT_PIDSIZE (=12) in chkutmp.

tags: added: patch
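
Added illustration, not part of the thread and not the attached patch or chkrootkit's source: the bug class the comment above describes, a copy into a UT_PIDSIZE-byte buffer that is limited by UT_LINESIZE instead. The helper names, the guard-byte arena and the sample line are constructed for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define UT_LINESIZE 32   /* values quoted in the comment above */
#define UT_PIDSIZE  12
#define GUARD       0x5A /* fill byte for the simulated neighbouring memory */

/* Copy one whitespace-delimited token, writing at most `bound` bytes
 * (terminating NUL included). Returns the number of bytes written. */
static size_t copy_token(char *dst, size_t bound, const char *src)
{
    size_t i = 0;
    if (bound == 0)
        return 0;
    while (isspace((unsigned char)*src))
        src++;
    while (*src && !isspace((unsigned char)*src) && i + 1 < bound)
        dst[i++] = *src++;
    dst[i] = '\0';
    return i + 1;
}

/* Parse a pid field into a UT_PIDSIZE-byte slot using `bound` as the limit,
 * and return how many bytes beyond the slot were overwritten. The slot sits
 * at the start of a larger arena so the overrun is observable without
 * corrupting the real stack. */
static size_t bytes_past_pid(const char *line, size_t bound)
{
    char arena[UT_LINESIZE + 8];
    size_t i, spilled = 0;

    memset(arena, GUARD, sizeof arena);
    copy_token(arena, bound, line);
    for (i = UT_PIDSIZE; i < sizeof arena; i++)
        if ((unsigned char)arena[i] != GUARD)
            spilled++;
    return spilled;
}

int main(void)
{
    const char *line = "  12345678901234567890 pts/0";  /* constructed input */
    printf("bound=UT_LINESIZE: %zu bytes past the buffer\n",
           bytes_past_pid(line, UT_LINESIZE));
    printf("bound=UT_PIDSIZE:  %zu bytes past the buffer\n",
           bytes_past_pid(line, UT_PIDSIZE));
    return 0;
}
```

In a real stack frame the spilled bytes land on whatever follows the buffer, which is what `__stack_chk_fail` reports; a field shorter than 12 bytes never spills, so the wrong limit stays invisible until a long enough value is parsed.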
Arnaud HERITIER (aheritier) wrote :

Same issue on one of my Ubuntu servers, 10.10 (64b). Can we hope to have an official fix soon?

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chkrootkit - 0.49-4ubuntu1

---------------
chkrootkit (0.49-4ubuntu1) natty; urgency=low

  * debian/patches/fix-stack-smash.patch: Fix segfault when running
    chkrootkit. (LP: #623144) Thanks to Dominik Stadler.
 -- Chuck Short <email address hidden> Mon, 14 Mar 2011 09:33:06 -0400

Changed in chkrootkit (Ubuntu):
status: New → Fix Released
David Watson (david-watson) wrote :

Can we expect the same fix to be applied to the Lucid 10.04 LTS packages, since chkrootkit seems to currently segfault on 16GB 64-bit servers?

moojix (moojix) wrote :

Would be cool to get this fix in Lucid.

starslights (starslights) wrote :

Hello,

Today I get the same bug on Kubuntu Lucid 10.04 64-bit using chkrootkit 0.49-4 amd64

Linux moonlights 2.6.38-10-generic #46~lucid1-Ubuntu SMP Wed Jul 6 18:41:04 UTC 2011 x86_64 GNU/Linux

Checking `chkutmp'... *** stack smashing detected ***: ./chkutmp terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7f4c91050217]
/lib/libc.so.6(__fortify_fail+0x0)[0x7f4c910501e0]
./chkutmp[0x400eb2]
./chkutmp[0x401097]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7f4c90f6fc4d]
./chkutmp[0x400999]
Aborted

Best Regards

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in chkrootkit (Ubuntu Lucid):
status: New → Confirmed
Max (maxmax) wrote :

Confirmed on 11.10:

Checking `chkutmp'... *** stack smashing detected ***: ./chkutmp terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0x55d8d5]
/lib/i386-linux-gnu/libc.so.6(+0xe7887)[0x55d887]
./chkutmp[0x8048b15]
./chkutmp[0x8048ce2]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0x48f113]
Aborted

Max (maxmax) wrote :

Valgrind output from 11.10.

Paul Broadhead (pjbroad) wrote :

I've also just encountered this bug on Lucid 10.04 LTS. Can the importance be bumped, please? Surely a crash in a security tool is very high importance!

Tom Bamford (tombamford) wrote :

I am also encountering this bug on Lucid 10.04 LTS production servers. Does anyone know if this will be fixed in lucid (it's a main package)?

Gerard Petersen (gerardjp) wrote :

+1

Intel 2.6.32-33-generic #72-Ubuntu SMP
Ubuntu 10.04.4 LTS

/etc/cron.daily/chkrootkit:
*** stack smashing detected ***: ./chkutmp terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x50)[0x1f2390]
/lib/tls/i686/cmov/libc.so.6(+0xe233a)[0x1f233a]
./chkutmp[0x8048bb5]
[0x30322d62]
Aborted

unicorp99 (unicorp99) wrote :

On my Ubuntu 12.04 LTS 32-bit, last update, i5, 16GB RAM, kernel 3.2

Checking `chkutmp'... *** stack smashing detected ***: ./chkutmp terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0xb7637ce5]
/lib/i386-linux-gnu/libc.so.6(+0x104c9a)[0xb7637c9a]
./chkutmp[0x8048aff]
./chkutmp[0x8048ccd]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xb754c4d3]
./chkutmp[0x8048661]
Aborted (core dumped)

Changed in chkrootkit (Debian):
status: Unknown → New
Rolf Leggewie (r0lf) wrote :

Lucid has seen the end of its life and is no longer receiving any updates. Marking the Lucid task for this ticket as "Won't Fix".

Changed in chkrootkit (Ubuntu Lucid):
status: Confirmed → Won't Fix
Changed in chkrootkit (Debian):
status: New → Fix Released