Bug#701616: shouldn't CVE-2012-4530 fix have bumped ABI revision counter?

To: submit@bugs.debian.org
Subject: Bug#701616: shouldn't CVE-2012-4530 fix have bumped ABI revision counter?
From: Sergio Gelato <Sergio.Gelato@astro.su.se>
Date: Mon, 25 Feb 2013 12:24:19 +0100
Message-id: <[🔎] 20130225112418.GB2627@ebisu.astro.su.se>
Reply-to: Sergio Gelato <Sergio.Gelato@astro.su.se>, 701616@bugs.debian.org

Package: linux-2.6
Version: 2.6.32-48

If I upgrade the linux-image package on a running system from
2.6.32-46 to 2.6.32-48, then run
	modprobe binfmt_misc
before rebooting, the kernel fails to load the module and reports
	binfmt_misc: Unknown symbol bprm_change_interp

That symbol was introduced by
	debian/patches/bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch
(as part of the fix for CVE-2012-4530, says the changelog).

I know this will go away after a reboot, but isn't the point of kernel ABI
revision numbers to prevent this kind of problem? Is there a bug in the tools
the kernel package maintainers use to detect ABI changes?

I've seen hints of a similar issue with the lockd module, by the way. No
new symbols as far as I can tell, but trying to load the 2.6.32-48 module
into a 2.6.32-46 kernel results in
	lockd_up: makesock failed, error=-13
and lots of
	svc: failed to register lockdv1 RPC service (errno 13).
with NFS mounts failing. This also goes away after rebooting into 2.6.32-48.

Reply to:

Follow-Ups:
- Bug#701616: marked as done (shouldn't CVE-2012-4530 fix have bumped ABI revision counter?)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Re: AACRAID / Adaptech updated drivers
Next by Date: Bug#701620: linux-image-3.2.0-4-amd64: Unable to use PCI cards on Intel DZ77SL50K motherboard (likely any Z77 board)
Previous by thread: linux_3.2.39-1_multi.changes ACCEPTED into unstable
Next by thread: Bug#701616: marked as done (shouldn't CVE-2012-4530 fix have bumped ABI revision counter?)
Index(es):
- Date
- Thread