From: Robert Blayzor
To: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind
Date: Wed, 30 Sep 2015 14:47:30 -0400
In-Reply-To: <20150929183942.569F311FD@freefall.freebsd.org>

Was this regression tested or missing more info? After updating and
rebooting seeing a ton of problems with rpcbind core dumping at start..
lock manager fails to start, etc.

dmesg

da0: quirks=0x40
SMP: AP CPU #1 Launched!
Trying to mount root from ufs:/dev/da0p2 [rw]..
pid 367 (rpcbind), uid 0: exited on signal 6 (core dumped)
NLM: failed to contact remote rpcbind, stat = 5, port = 28416
NLM: failed to contact remote rpcbind, stat = 0, port = 0
Can't start NLM - unable to contact NSM
NLM: failed to contact remote rpcbind, stat = 0, port = 0
NLM: failed to contact remote rpcbind, stat = 0, port = 0
Can't start NLM - unable to contact NSM

[~] egrep rpc\|nis /etc/rc.conf
rpcbind_enable="YES"
rpc_lockd_enable="YES"
rpc_lockd_flags="-p 4045"
rpc_statd_enable="YES"
rpc_statd_flags="-p 4046"
nis_client_enable=“YES"
nis_server_enable=“YES"

[~] uname -a
FreeBSD 10.2-RELEASE-p4 FreeBSD 10.2-RELEASE-p4 #0 r288419: Wed Sep 30 18:33:40 UTC 2015 amd64

No problems prior to patching.
--
Robert
inoc.net!rblayzor
Jabber: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu

> On Sep 29, 2015, at 2:39 PM, FreeBSD Security Advisories wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> =============================================================================
> FreeBSD-SA-15:24.rpcbind                                    Security Advisory
>                                                           The FreeBSD Project
>
> Topic:          rpcbind(8) remote denial of service
>
> Category:       core
> Module:         rpcbind
> Announced:      2015-09-29
> Affects:        All supported versions of FreeBSD.
> Corrected:      2015-09-29 18:06:27 UTC (stable/10, 10.2-STABLE)
>                 2015-09-29 18:07:18 UTC (releng/10.2, 10.2-RELEASE-p4)
>                 2015-09-29 18:07:18 UTC (releng/10.1, 10.1-RELEASE-p21)
>                 2015-09-29 18:06:27 UTC (stable/9, 9.3-STABLE)
>                 2015-09-29 18:07:18 UTC (releng/9.3, 9.3-RELEASE-p27)
> CVE Name:       CVE-2015-7236