oscap segfaults while trying to check using ubuntu-security definitions:
The command:
oscap oval eval --report /tmp/oscap_report.html /var/tmp/com.ubuntu.eoan.cve.oval.xml
Segfault:
...
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Probe with PID=26379 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178]
Probe with PID=26379 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182]
Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424]
Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Probe with PID=26393 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178]
Probe with PID=26393 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182]
Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424]
Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
oscap segfaults while trying to check using ubuntu-security definitions:
The command: report. html /var/tmp/ com.ubuntu. eoan.cve. oval.xml
oscap oval eval --report /tmp/oscap_
Segfault: ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../. ./src/OVAL/ probes/ SEAP/sch_ pipe.c: 178] ../../. ./src/OVAL/ probes/ SEAP/sch_ pipe.c: 182] ../src/ OVAL/oval_ probe_ext. c:424] ../src/ OVAL/oval_ probe_ext. c:579] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../src/ OVAL/results/ oval_resultTest .c:179] ../../. ./src/OVAL/ probes/ SEAP/sch_ pipe.c: 178] ../../. ./src/OVAL/ probes/ SEAP/sch_ pipe.c: 182] ../src/ OVAL/oval_ probe_ext. c:424] ../src/ OVAL/oval_ probe_ext. c:579] ../../src/ OVAL/results/ oval_resultTest .c:179]
...
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Probe with PID=26379 has been killed with signal 11 [../../
Probe with PID=26379 has core dumped. [../../
Unable to close probe sd [../../
Unable to receive a message from probe [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Invalid oval result type: -1. [../../
Probe with PID=26393 has been killed with signal 11 [../../
Probe with PID=26393 has core dumped. [../../
Unable to close probe sd [../../
Unable to receive a message from probe [../../
Invalid oval result type: -1. [../../
The OVAL definitions are taken directly from https:/ /people. canonical. com/~ubuntu- security/ oval/com. ubuntu. eoan.cve. oval.xml
Version:
oscap --version
OpenSCAP command line tool (oscap) 1.2.16
Copyright 2009--2017 Red Hat Inc., Durham, North Carolina.
==== Supported specifications ====
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1
==== Capabilities added by auto-loaded plugins ==== sce.so. 8)
SCE Version: 1.0 (from libopenscap_
==== Paths ==== openscap/ schemas openscap/ cpe x86_64- linux-gnu/ openscap
Schema files: /usr/share/
Default CPE files: /usr/share/
Probes: /usr/lib/