Insecure permissions on SysV SHM object with memory leak

Bug #1569125 reported by Ricardo
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Cogl
Confirmed
Medium
cogl (Ubuntu)
High
Unassigned

Bug Description

The library creates a SysV SHM object with 777 permissions (insecure) and no SHM_RMID flag set (memory leak when application dies).

Consider a patch is the bug is not fixed upstream:

https://bugzilla.gnome.org/show_bug.cgi?id=755532

Revision history for this message
Ricardo (ricardo-smartmatic) wrote :

Tested patch. Now I can logout from Linux Mint without leaking memory and no insecure permissions.

Revision history for this message
Steve Beattie (sbeattie) wrote :

Thanks for the report. Since the report is public elsewhere, I'm making this public as well.

information type: Private Security → Public Security
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "cogl-texture-pixmap-x11.c.diff" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Changed in cogl:
importance: Unknown → Medium
status: Unknown → Confirmed
Changed in cogl (Ubuntu):
importance: Undecided → High
status: New → Triaged
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.