libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
alsa-plugins (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
jackd2 (Debian) |
Fix Released
|
Unknown
|
|||
jackd2 (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
After upgrading to Ubuntu 19.04, I started experiencing sporadic crashes in kodi when turning my AV receiver on. Ubuntu 19.04 upgraded alsa-plugins to 1.1.8. For alsa-plugins >= 1.1.7, the ALSA jack plugin is enabled by default in /etc/alsa/
The crashes are caused by a race condition when kodi's audio engine thread is enumerating the ALSA sound devices, and the udev thread is enumerating the udev devices triggered by the sound device add from turning the AVR on.
When enumerating the ALSA jack plugin device, it tries to connect to connect to jackd. Since I don't have jackd installed, it fails to connect. libjack closes the socket on error, and then closes it again in it's cleanup code. Since it's closing the same file descriptor twice, it interacts with other threads that have potentially opened file descriptors, and causes the crash.
This same bug could potentially affect other multi-threaded programs that enumerate ALSA devices.
Fix committed upstream: https:/
CVE References
description: | updated |
Changed in jackd2 (Ubuntu): | |
importance: | Undecided → High |
Changed in jackd2 (Ubuntu): | |
status: | New → Confirmed |
Changed in jackd2 (Debian): | |
status: | New → Confirmed |
Changed in jackd2 (Debian): | |
importance: | Undecided → Unknown |
status: | Confirmed → Unknown |
Changed in jackd2 (Ubuntu): | |
importance: | High → Low |
Changed in jackd2 (Debian): | |
status: | Unknown → Confirmed |
Changed in jackd2 (Ubuntu): | |
importance: | Low → High |
status: | Confirmed → Fix Committed |
Changed in alsa-plugins (Ubuntu): | |
status: | New → Invalid |
Changed in jackd2 (Debian): | |
status: | Confirmed → Fix Released |
See kodi issue with stack traces: https:/ /github. com/xbmc/ xbmc/issues/ 16258