Products | Versions |
---|---|
TIBCO Silver Fabric | - |
We have had reports of Silver Fabric/GridServer engines and daemons crashing after the kernel was updated to a version that carries the patch for the Stack Clash vulnerability (CVE-2017-1000364: Stack Guard flaw).
So far, issues have been reported after upgrading to the following kernel versions:
2.6.32-696.3.2
3.10.0-514.21.2.el7.x86_64
Stack Clash vulnerability CVEs:
CVE-2017-1000364 for the Linux kernel.
CVE-2017-1000366 for glibc.
Error:
Sample hs_err_pid<xxxx>.log
====================================================================
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGBUS (0x7) at pc=0x00007f6e8a92c461, pid=21747, tid=140112822265632
#
# JRE version: (7.0_91-b15) (build )
# Java VM: Java HotSpot(TM) 64-Bit Server VM (24.91-b03 mixed mode linux-amd64 compressed oops)
# Problematic frame:
# j java.lang.Object.<clinit>()V+0
#
# Failed to write core dump. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#
--------------- T H R E A D ---------------
......
......
......
Stack: [0x00007ffd3816e000,0x00007ffd381ee000], sp=0x00007ffd381ea4b0, free space=497k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
j java.lang.Object.<clinit>()V+0
v ~StubRoutines::call_stub
V [libjvm.so+0x602145] JavaCalls::call_helper(JavaValue*, methodHandle*, JavaCallArguments*, Thread*)+0x365
V [libjvm.so+0x600ba8] JavaCalls::call(JavaValue*, methodHandle, JavaCallArguments*, Thread*)+0x28
V [libjvm.so+0x5c501a] instanceKlass::call_class_initializer(Thread*)+0xca
V [libjvm.so+0x5c5274] instanceKlass::initialize_impl(instanceKlassHandle, Thread*)+0x234
V [libjvm.so+0x5c56ca] instanceKlass::initialize(Thread*)+0x6a
V [libjvm.so+0x5c550b] instanceKlass::initialize_impl(instanceKlassHandle, Thread*)+0x4cb
V [libjvm.so+0x5c56ca] instanceKlass::initialize(Thread*)+0x6a
V [libjvm.so+0x95e002] Threads::create_vm(JavaVMInitArgs*, bool*)+0x402
V [libjvm.so+0x63b474] JNI_CreateJavaVM+0x74
C [hawkagent_production+0x8d1c] __cxa_guard_acquire@@CXXABI_1.3+0x8d1c
--------------- P R O C E S S ---------------
Java Threads: ( => current thread )
=>0x0000000002476800 JavaThread "Unknown thread" [_thread_in_Java, id=21747, stack(0x00007ffd3816e000,0x00007ffd381ee000)]
Other Threads:
0x00000000024d6000 VMThread [stack: 0x00007f6e88436000,0x00007f6e88537000] [id=21754]
====================================================================
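A triage helper for the crash signature in the sample log above, added here as an example and not TIBCO code: it checks an `hs_err_pid` log for SIGBUS on the process's main thread during JVM startup and compares the kernel release with the two versions listed on this page. The function name `triage`, the result keys and the prefix matching against `uname -r` output are assumptions.

```python
import re

# Kernel releases listed on this page; compared as prefixes of `uname -r` output (assumption).
REPORTED_KERNELS = ("2.6.32-696.3.2", "3.10.0-514.21.2")

SIGNAL_RE = re.compile(r"^# +(SIG\w+) \(0x[0-9a-f]+\) at pc=0x[0-9a-f]+, pid=(\d+)", re.M)
STACK_RE = re.compile(r"^Stack: \[(0x[0-9a-f]+),(0x[0-9a-f]+)\], +sp=(0x[0-9a-f]+)", re.M)
CURRENT_RE = re.compile(r"^=>0x[0-9a-f]+ JavaThread .*?\bid=(\d+)", re.M)

def triage(hs_err_text, kernel_release):
    """Compare one hs_err log and a kernel release with the sample on this page."""
    sig = SIGNAL_RE.search(hs_err_text)
    stack = STACK_RE.search(hs_err_text)
    cur = CURRENT_RE.search(hs_err_text)
    result = {
        "signal": sig.group(1) if sig else None,
        # On Linux the thread whose id equals the pid is the process's main thread.
        "on_main_thread": bool(sig and cur and sig.group(2) == cur.group(1)),
        "during_vm_startup": "Threads::create_vm" in hs_err_text,
        "kernel_reported": kernel_release.startswith(REPORTED_KERNELS),
        "stack_bytes_below_sp": None,
    }
    if stack:
        low, high, sp = (int(g, 16) for g in stack.groups())
        if low <= sp <= high:
            result["stack_bytes_below_sp"] = sp - low  # the log's "free space"
    result["matches_page_sample"] = (
        result["signal"] == "SIGBUS" and result["on_main_thread"]
        and result["during_vm_startup"] and result["kernel_reported"])
    return result

# Excerpt of the sample log on this page, trimmed to the lines the parser reads.
SAMPLE = """\
#
# SIGBUS (0x7) at pc=0x00007f6e8a92c461, pid=21747, tid=140112822265632
#
Stack: [0x00007ffd3816e000,0x00007ffd381ee000], sp=0x00007ffd381ea4b0, free space=497k
V [libjvm.so+0x95e002] Threads::create_vm(JavaVMInitArgs*, bool*)+0x402
=>0x0000000002476800 JavaThread "Unknown thread" [_thread_in_Java, id=21747, stack(0x00007ffd3816e000,0x00007ffd381ee000)]
"""

if __name__ == "__main__":
    for key, value in triage(SAMPLE, "3.10.0-514.21.2.el7.x86_64").items():
        print(f"{key}: {value}")
```

A match only says the crash resembles the sample on this page; a log that differs in any of the four checks needs separate analysis.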
Please refer to the following online articles for more information:
- Stack Clash security advisory
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- Vendor advisories:
SUSE
https://www.novell.com/support/kb/doc.php?id=7020973
Red Hat
https://access.redhat.com/security/vulnerabilities/stackguard
Debian
https://www.debian.org/security/2017/dsa-3886
https://www.debian.org/security/2017/dsa-3887
https://www.debian.org/security/2017/dsa-3888
https://www.debian.org/security/2017/dsa-3889
Ubuntu
https://www.ubuntu.com/usn/
OpenBSD
https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/008_exec_subr.patch.sig
Oracle Solaris
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-3629-3757403.html