Closed
Bug 1041342
Opened 10 years ago
Closed 9 years ago
Adblock Plus/AdBlock Edge cause FireFox 30 to crash on grsec kernels
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: gaming4jc2, Unassigned)
References
Details
(Keywords: crash, regression)
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0 (Beta/Release) Build ID: 20140616181436 Steps to reproduce: 1) Install Hardened Kernel with PAX protection 2) Install FireFox 30 3) Install Adblock Plus 4) Crash! Actual results: [26789.926076] PAX: execution attempt in: <anonymous mapping>, 6bdedff1f000-6bdedff21000 6bdedff1f000 [26789.926083] PAX: terminating task: /usr/lib/firefox/firefox(firefox):947, uid/euid: 1000/1000, PC: 00006bdedff2097c, SP: 00007ab0ed13f1c0 [26789.926086] PAX: bytes at PC: 48 83 c4 18 e9 11 00 00 00 54 68 03 00 00 00 50 68 80 08 00 [26789.926098] PAX: bytes at SP-8: 00006bdedff2097c 0000000000000700 00006bdec989d540 0000000000000003 fff9000000000000 fffbebdeb790b440 fff8800000002dcf fffbebdeb8f23d00 0000aae4b8f23d00 00006bdeb8f23d00 00006bdec989d540 Expected results: FireFox shouldn't have been blocked by PAX due to the problem with RANDMMAP. Temporary work around: -m: disable MPROTECT -r: disable RANDMMAP Highly unadvisable as no other extensions cause or need this. Older versions of FireFox e.g. 24 didn't have this issue. One other user has already reproduced, but I would appreciate others confirming as well to help debug this possible security issue.
Comment 2•10 years ago
|
||
Luke, can you find the regression range using nightly builds?
Severity: normal → critical
Flags: needinfo?(gaming4jc2)
Comment 3•9 years ago
|
||
I've sent an email to the reporter asking for more info.
Comment 4•9 years ago
|
||
Reporter replied to me that it is indeed working correctly now.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(gaming4jc2)
Keywords: regressionwindow-wanted
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•