-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-EN-08:01.libpthread Errata Notice The FreeBSD Project Topic: Problems with fork(2) within threaded programs Category: core Module: libpthread Announced: 2008-04-17 Credits: Julian Elischer, Dan Eischen Affects: FreeBSD 6.3 Corrected: 2008-02-04 20:05:20 UTC (RELENG_6, 6.3-STABLE) 2008-04-16 23:59:48 UTC (RELENG_6_3, 6.3-RELEASE-p2) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background POSIX threads are a set of functions that support applications with requirements for multiple flows of control, called threads, within a process. The fork(2) system call is used to create a new process. II. Problem Description The libpthread threading library on FreeBSD 6.3 fails to properly reinitialize mutexes when a threaded process invokes fork(2). III. Impact After the fork(2) system returns, the newly created child process may freeze in user space for no apparent reason. This affects any threaded application that invokes fork(2), most frequently those that call fork(2) before execve(2) or system(3) to run external programs. IV. Workaround On some systems, using libthr instead of libpthread, via the libmap configuration file libmap.conf(5), may be an acceptable workaround. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE or the RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patch has been verified to apply to FreeBSD 6.3 systems: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/EN-08:01/libpthread.patch # fetch http://security.FreeBSD.org/patches/EN-08:01/libpthread.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/lib/libpthread # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/lib/libpthread/sys/lock.c 1.9.2.2 src/lib/libpthread/thread/thr_kern.c 1.116.2.2 RELENG_6_3 src/UPDATING 1.416.2.37.2.6 src/sys/conf/newvers.sh 1.69.2.15.2.5 src/lib/libpthread/sys/lock.c 1.9.2.1.8.1 src/lib/libpthread/thread/thr_kern.c 1.116.2.1.6.1 - ------------------------------------------------------------------------- VII. References The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-EN-08:01.libpthread.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFIBpWeFdaIBMps37IRAg2wAJ9jwXi2ZTaYXBdsU6CzS8dCzsQ5cwCcD2Fu NCao693yWJo1bJrCrrbG8Ww= =7mo1 -----END PGP SIGNATURE-----