← Back to team overview

ubuntustudio-bugs team mailing list archive

[Bug 1833479] Re: libjack-jackd2-0 double close on a failure to connect to jackd which causes crashes in multithreaded programs

 

This bug was fixed in the package jackd2 - 1.9.12~dfsg-2ubuntu2

---------------
jackd2 (1.9.12~dfsg-2ubuntu2) focal; urgency=medium

  * debian/patches/CVE-2019-13351.patch:
    - Set fSocket to -1 after close on an error to prevent a double close,
      fix CVE-2019-13351 (lp: #1833479)

 -- Sebastien Bacher <seb128@xxxxxxxxxx>  Thu, 16 Apr 2020 10:21:43
+0200

** Changed in: jackd2 (Ubuntu)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to jackd2 in Ubuntu.
Matching subscriptions: ubuntustudio-bugs: jackd2
https://bugs.launchpad.net/bugs/1833479

Title:
  libjack-jackd2-0 double close on a failure to connect to jackd which
  causes crashes in multithreaded programs

Status in alsa-plugins package in Ubuntu:
  New
Status in jackd2 package in Ubuntu:
  Fix Released
Status in jackd2 package in Debian:
  Confirmed

Bug description:
  After upgrading to Ubuntu 19.04, I started experiencing sporadic
  crashes in kodi when turning my AV receiver on. Ubuntu 19.04 upgraded
  alsa-plugins to 1.1.8. For alsa-plugins >= 1.1.7, the ALSA jack plugin
  is enabled by default in /etc/alsa/conf.d/50-jack.conf.

  The crashes are caused by a race condition when kodi's audio engine
  thread is enumerating the ALSA sound devices, and the udev thread is
  enumerating the udev devices triggered by the sound device add from
  turning the AVR on.

  When enumerating the ALSA jack plugin device, it tries to connect to
  connect to jackd. Since I don't have jackd installed, it fails to
  connect. libjack closes the socket on error, and then closes it again
  in it's cleanup code. Since it's closing the same file descriptor
  twice, it interacts with other threads that have potentially opened
  file descriptors, and causes the crash.

  This same bug could potentially affect other multi-threaded programs
  that enumerate ALSA devices.

  Fix committed upstream:
  https://github.com/jackaudio/jack2/commit/dad4b5702782eef3bd66e3c3f4fefaaae3571208

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-plugins/+bug/1833479/+subscriptions


References