Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. MythTV>
  3. Users
mythbackend deadlocks on startup since kernel update
lists at glidos
Jul 6, 2023, 1:08 PM
Post #1 of 6 (247 views)
Permalink
After an update of my system, mythbackend repeatedly failed to start: no
obvious error messages, it just stalls. The update included security
patches to the 5.14.21 kernel. Amongst those, I found:

- CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race
condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
- CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could
cause a use-after-free when a device is disconnected (bsc#1205758).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack
of a dvb_frontend_detach call (bsc#1205762).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could
occur if there is a disconnect after an open, because of the lack of a
wait_event (bsc#1205803).
- CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
dvb_register_device dynamically allocating fops (bsc#1205756).
- CVE-2023-31084: Fixed a blocking issue in
drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).

These may have nothing to do with the problem, but are at least in an
area that could affect MythTV. Reverting back to an earlier disc
snapshot has worked as a temporary fix.

I'm mainly wondering if anyone else on here has run into similar.

I'm using OpenSuSE Leap 15.4. It may be specific to that distro, but I
assume these patches will make there way to other distros.

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: mythbackend deadlocks on startup since kernel update [ In reply to ]
johnpilk222 at gmail
Jul 6, 2023, 2:16 PM
Post #2 of 6 (247 views)
Permalink
On 06/07/2023 21:08, Paul Gardiner wrote:
> After an update of my system, mythbackend repeatedly failed to start: no
> obvious error messages, it just stalls. The update included security
> patches to the 5.14.21 kernel. Amongst those, I found:
>
> - CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race
> condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
> - CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could
> cause a use-after-free when a device is disconnected (bsc#1205758).
> - CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack
> of a dvb_frontend_detach call (bsc#1205762).
> - CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could
> occur if there is a disconnect after an open, because of the lack of a
> wait_event (bsc#1205803).
> - CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
> dvb_register_device dynamically allocating fops (bsc#1205756).
> - CVE-2023-31084: Fixed a blocking issue in
> drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
>
> These may have nothing to do with the problem, but are at least in an
> area that could affect MythTV. Reverting back to an earlier disc
> snapshot has worked as a temporary fix.
>
> I'm mainly wondering if anyone else on here has run into similar.
>
> I'm using OpenSuSE Leap 15.4. It may be specific to that distro, but I
> assume these patches will make there way to other distros.

This is clearly related to the first bug in the sequence here. It looks
as if it's near to a fix now, but IDK how it would relate to suse.


https://github.com/MythTV/mythtv/issues/761
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: ***SPAM*** mythbackend deadlocks on startup since kernel update [ In reply to ]
lists at glidos
Jul 7, 2023, 7:12 AM
Post #3 of 6 (244 views)
Permalink
> On 06/07/2023 21:08, Paul Gardiner wrote:
>> After an update of my system, mythbackend repeatedly failed to start: no
>> obvious error messages, it just stalls. The update included security
>> patches to the 5.14.21 kernel. Amongst those, I found:
>>
>> - CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race
>> condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
>> - CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could
>> cause a use-after-free when a device is disconnected (bsc#1205758).
>> - CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack
>> of a dvb_frontend_detach call (bsc#1205762).
>> - CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could
>> occur if there is a disconnect after an open, because of the lack of a
>> wait_event (bsc#1205803).
>> - CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
>> dvb_register_device dynamically allocating fops (bsc#1205756).
>> - CVE-2023-31084: Fixed a blocking issue in
>> drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
>>
>> These may have nothing to do with the problem, but are at least in an
>> area that could affect MythTV. Reverting back to an earlier disc
>> snapshot has worked as a temporary fix.
>>
>> I'm mainly wondering if anyone else on here has run into similar.
>>
>> I'm using OpenSuSE Leap 15.4. It may be specific to that distro, but I
>> assume these patches will make there way to other distros.
>
> This is clearly related to the first bug in the sequence here. It looks
> as if it's near to a fix now, but IDK how it would relate to suse.

Should I consider it strange, though, that the version that gave me
problems was the one that included these patches, whereas the previous
version, that presumably had the bug, worked fine?

_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: ***SPAM*** mythbackend deadlocks on startup since kernel update [ In reply to ]
stephen_agent at jsw
Jul 7, 2023, 12:07 PM
Post #4 of 6 (243 views)
Permalink
On Fri, 7 Jul 2023 15:12:47 +0100, you wrote:

>> On 06/07/2023 21:08, Paul Gardiner wrote:
>>> After an update of my system, mythbackend repeatedly failed to start: no
>>> obvious error messages, it just stalls. The update included security
>>> patches to the 5.14.21 kernel. Amongst those, I found:
>>>
>>> - CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race
>>> condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
>>> - CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could
>>> cause a use-after-free when a device is disconnected (bsc#1205758).
>>> - CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack
>>> of a dvb_frontend_detach call (bsc#1205762).
>>> - CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could
>>> occur if there is a disconnect after an open, because of the lack of a
>>> wait_event (bsc#1205803).
>>> - CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
>>> dvb_register_device dynamically allocating fops (bsc#1205756).
>>> - CVE-2023-31084: Fixed a blocking issue in
>>> drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
>>>
>>> These may have nothing to do with the problem, but are at least in an
>>> area that could affect MythTV. Reverting back to an earlier disc
>>> snapshot has worked as a temporary fix.
>>>
>>> I'm mainly wondering if anyone else on here has run into similar.
>>>
>>> I'm using OpenSuSE Leap 15.4. It may be specific to that distro, but I
>>> assume these patches will make there way to other distros.
>>
>> This is clearly related to the first bug in the sequence here. It looks
>> as if it's near to a fix now, but IDK how it would relate to suse.
>
>Should I consider it strange, though, that the version that gave me
>problems was the one that included these patches, whereas the previous
>version, that presumably had the bug, worked fine?

No, the fixes were for fairly obscure problems, which you were not
having. But the fixes were buggy, and broke mythfrontend for you.

This is not particularly uncommon, unfortunately. The first go at
fixing small obscure bugs in the kernel often breaks something else
that the testing does not find, and it gets released like that and bug
reports start coming in about something being broken. Then the fixed
gets reversed out and a better one done, either immediately or later.
Or the buggy fix gets fixed in the next release.
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: ***SPAM*** mythbackend deadlocks on startup since kernel update [ In reply to ]
mystica at gmail
Jul 7, 2023, 12:23 PM
Post #5 of 6 (243 views)
Permalink
On Fri, Jul 7, 2023, 13:09 Stephen Worthington <stephen_agent@jsw.gen.nz>
wrote:

>
> No, the fixes were for fairly obscure problems, which you were not
> having. But the fixes were buggy, and broke mythfrontend for you.
>

Specifically these fixes were for security issues that presumably a
media-center-only PC would never need to worry about.

My take at least from the descriptions, they appear to be mostly related to
the physical plug-in and plug out process for USB tuner devices [and
perhaps PCI hot-plugging][.[.This is only a guess because I have not taken
the time to research the CVEs I'm only going off of the descriptions]]

Unless you have untrusted people near the media center PC, or other
untrusted remote users connecting to your system, or you run old [not yet
patched for zero days for example] web browsers browsing the public
internet without an ad blocker[.which can mitigate a major sources of these
malicious zero day attacks], [.This is a corner case because I would assume
multiple other vulnerabilities would be exploited before this one] you
should not have anything to worry about in terms of security on your
system.

I too concur that kernel packagers/developers will notice bug reports
related to the DVB subsystem hanging, and very likely reissue updated
releases with fixed patches or new patches.

For now you should be able to just to keep a stable old version of the
kernel and update everything else and it should be fine.

Mike
Re: mythbackend deadlocks on startup since kernel update [ In reply to ]
lists at glidos
Jul 8, 2023, 3:14 AM
Post #6 of 6 (234 views)
Permalink
On 07/07/2023 20:07, Stephen Worthington wrote:
> On Fri, 7 Jul 2023 15:12:47 +0100, you wrote:
>
>>> On 06/07/2023 21:08, Paul Gardiner wrote:
>>>> After an update of my system, mythbackend repeatedly failed to start: no
>>>> obvious error messages, it just stalls. The update included security
>>>> patches to the 5.14.21 kernel. Amongst those, I found:
>>>>
>>>> - CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race
>>>> condition in dvb_net.c that lead to a use-after-free (bsc#1205760).
>>>> - CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could
>>>> cause a use-after-free when a device is disconnected (bsc#1205758).
>>>> - CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack
>>>> of a dvb_frontend_detach call (bsc#1205762).
>>>> - CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could
>>>> occur if there is a disconnect after an open, because of the lack of a
>>>> wait_event (bsc#1205803).
>>>> - CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
>>>> dvb_register_device dynamically allocating fops (bsc#1205756).
>>>> - CVE-2023-31084: Fixed a blocking issue in
>>>> drivers/media/dvb-core/dvb_frontend.c (bsc#1210783).
>>>>
>>>> These may have nothing to do with the problem, but are at least in an
>>>> area that could affect MythTV. Reverting back to an earlier disc
>>>> snapshot has worked as a temporary fix.
>>>>
>>>> I'm mainly wondering if anyone else on here has run into similar.
>>>>
>>>> I'm using OpenSuSE Leap 15.4. It may be specific to that distro, but I
>>>> assume these patches will make there way to other distros.
>>>
>>> This is clearly related to the first bug in the sequence here. It looks
>>> as if it's near to a fix now, but IDK how it would relate to suse.
>>
>> Should I consider it strange, though, that the version that gave me
>> problems was the one that included these patches, whereas the previous
>> version, that presumably had the bug, worked fine?
>
> No, the fixes were for fairly obscure problems, which you were not
> having. But the fixes were buggy, and broke mythfrontend for you.
>
> This is not particularly uncommon, unfortunately. The first go at
> fixing small obscure bugs in the kernel often breaks something else
> that the testing does not find, and it gets released like that and bug
> reports start coming in about something being broken. Then the fixed
> gets reversed out and a better one done, either immediately or later.
> Or the buggy fix gets fixed in the next release.

Thanks all. I'll hang on for the next kernel update then and not worry
about it.

Cheers,
Paul.
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal