Control: tag -1 moreinfo On Tue, 2017-06-20 at 17:37 +0200, Sasa Skevin wrote: > Package: src:linux > Version: 4.9.30-2 > Severity: important > > Dear Maintainer, > > I'm administering several Debian servers of which some are Jessie and > some are Stretch. On both of them after upgrading to latest kernel that > was released yesterday (4.9 on Stretch and 3.16 on Jessie), Java web > applications do not work any more. They stop with SIGSEGV in the Java > startup process. So I think you meant to report this against versions 3.16.43-2+deb8u1 and 4.9.30-2+deb9u1, not 4.9.30-2. Is that right? > Have tried more different Java web applications and while booting all of > them break with SIGSEGV while Java internaly loads rt.jar. > > Have tried with Oracle Java 1.8.0_130, Oracje Java 1.8.0_131 and latest > OpenJDK 8 and the same error happens. > > Even the servers on which this is tried are from different hosting > companies. [...] Does this go away if you add the kernel parameter "stack_guard_gap=1"? (That should effectively revert the fix for CVE-2017-1000364.) Has the stack limit for these applications been changed from the default (e.g. "ulimit -s unlimited" in a startup script)? Ben. -- Ben Hutchings Klipstein's 4th Law of Prototyping and Production: A fail-safe circuit will destroy others.
Attachment:
signature.asc
Description: This is a digitally signed message part