View Issue Details

IDProjectCategoryView StatusLast Update
0006108Kali LinuxKali Package Bugpublic2021-07-07 14:09
ReporterOS-69474 Assigned Torhertzog  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2020.1 
Summary0006108: nmap segfault due to lua-lpeg
Description

Scanning a specific lab host using the vulners script will consistently lead to a crash. I made a post about it in the PWK forums.

Additional Information

Log from dmesg:

[14294.399735] nmap[13062]: segfault at 7ffe3cddeff8 ip 00007ff3ca9264c7 sp 00007ffe3cddf000 error 6 in liblua5.3-lpeg.so.2.0.0[7ff3ca920000+a000]
[14294.399745] Code: 8d 50 f1 80 fa 01 77 0b b8 01 00 00 00 5b c3 0f 1f 40 00 48 8b 15 09 3b 20 00 0f b6 04 02 3c 01 74 21 3c 02 75 2d 48 8d 7b 08 <e8> 64 ba ff ff 85 c0 75 d5 48 63 43 04 48 8d 1c c3 eb ba 66 0f 1f

I was able to resolve the problem for myself by building the lua-lpeg package with the following patch included: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=942031;filename=lua-lpeg_1.0.0-2ubuntu1.debdiff;msg=5

Activities

rhertzog

rhertzog

2020-02-18 10:01

administrator   ~0012297

Thanks for the report. I pinged the Debian maintainer privately to try to get the fix into Debian, possibly by packaging the new upstream release 1.0.2. https://tracker.debian.org/pkg/lua-lpeg

rhertzog

rhertzog

2021-07-07 14:09

administrator   ~0014887

lua-lpeg 1.0.2 with the fix is in Debian and Kali.

Issue History

Date Modified Username Field Change
2020-02-17 18:04 OS-69474 New Issue
2020-02-18 10:00 rhertzog Assigned To => rhertzog
2020-02-18 10:00 rhertzog Status new => assigned
2020-02-18 10:01 rhertzog Note Added: 0012297
2020-12-01 10:50 g0tmi1k Severity crash => minor
2021-02-21 17:52 g0tmi1k View Status private => public
2021-07-07 14:09 rhertzog Status assigned => resolved
2021-07-07 14:09 rhertzog Resolution open => fixed
2021-07-07 14:09 rhertzog Note Added: 0014887