Summary
Linux kernel update addressing CVE-2017-1000364 is causing JVM crashes and crashes of executables embedding a 32bit JVM via JNI.
Executables crashing after OS update.
Environment
Required: All Suported Visibroker versions on RHEL 5/6/7 x86_64
Question/Problem Description
CVE-2017-1000364 was fixed in the kernel update kernel-2.6.32-504.60.2.el6.x86_64. This seems to be causing JVM cashes.
Clarifying Information
CVE-2017-1000364 was fixed in the kernel update kernel-2.6.32-504.60.2.el6.x86_64. After applying this update various executables embedding a 32bit JVM via JNI are crashing.
Details can be found in https://access.redhat.com/solutions/3091371
This affects all the below Visi tools and services:
configMigrator, events, fileDBMigrate, gatekeeper, idl2cpp, idl2ir, idl2java, idl2wsc, idl2wsj, ir2idl, irep, java2idl, java2iiop, JdsExplorer, JdsServer, lmadm, migrator, nameserv, nsutil, oad, oadutil, osfind, printIOR, requestagent, subtooltimeserv, userdbadmin, vaultgen, vbconsole, vbj, vbjc
Error Message
The core produced will look something like:#0 0xf711bb9b in _expand_stack_to(unsigned char*) () from /usr/jdk1.7.0_60/jre/lib/i386/server/libjvm.so
Missing separate debuginfos, use: debuginfo-install glibc-2.17-196.el7.i686 libgcc-4.8.5-16.el7.i686 libstdc -4.8.5-16.el7.i686
(gdb) bt
#0 0xf711bb9b in _expand_stack_to(unsigned char*) () from /usr/jdk1.7.0_60/jre/lib/i386/server/libjvm.so
#1 0xf711bc39 in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) () from /usr/jdk1.7.0_60/jre/lib/i386/server/libjvm.so
#2 0xf711fd33 in os::create_attached_thread(JavaThread*) () from /usr/jdk1.7.0_60/jre/lib/i386/server/libjvm.so
#3 0xf723c91b in Threads::create_vm(JavaVMInitArgs*, bool*) () from /usr/jdk1.7.0_60/jre/lib/i386/server/libjvm.so
#4 0xf6f5b3fc in JNI_CreateJavaVM () from /usr/jdk1.7.0_60/jre/lib/i386/server/libjvm.so
#5 0x08052267 in CreateJVM ()
#6 0x080547e9 in launch ()
#7 0x08054bd8 in StartLaunch ()
#8 0x08054cf3 in main ()Defect/Enhancement Number
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGBUS (0x7) at pc=0x00002ad752214eca, pid=27173, tid=0x00002ad75198fee0
#
# JRE version: (8.0_121-b33) (build )
# Java VM: Java HotSpot(TM) 64-Bit Server VM (25.121-b33 mixed mode linux-amd64 compressed oops)
# Problematic frame:
# j java.lang.Object.<clinit>()V 0
Cause
Kernel update kernel-2.6.32-504.60.2.el6.x86_64.Resolution
Users impacted will have to consider rolling back the responsible OS update or contact their Linux vendor for a fix.
Workaround
A workaround might be to use the services and/or tools from a 64bit VisiBroker installation.Support Incidents
3111548, 3116996
#Security
#VisiBroker
