0006108: nmap segfault due to lua-lpeg

ID	Project	Category	View Status	Date Submitted	Last Update

0006108	Kali Linux	Kali Package Bug	public	2020-02-17 18:04	2021-07-07 14:09

Reporter	OS-69474	Assigned To	rhertzog
Priority	normal	Severity	minor	Reproducibility	always
Status	resolved	Resolution	fixed
Product Version	2020.1

Summary	0006108: nmap segfault due to lua-lpeg
Description	Scanning a specific lab host using the vulners script will consistently lead to a crash. I made a post about it in the PWK forums.
Additional Information	Log from dmesg: [14294.399735] nmap[13062]: segfault at 7ffe3cddeff8 ip 00007ff3ca9264c7 sp 00007ffe3cddf000 error 6 in liblua5.3-lpeg.so.2.0.0[7ff3ca920000+a000] [14294.399745] Code: 8d 50 f1 80 fa 01 77 0b b8 01 00 00 00 5b c3 0f 1f 40 00 48 8b 15 09 3b 20 00 0f b6 04 02 3c 01 74 21 3c 02 75 2d 48 8d 7b 08 <e8> 64 ba ff ff 85 c0 75 d5 48 63 43 04 48 8d 1c c3 eb ba 66 0f 1f I was able to resolve the problem for myself by building the lua-lpeg package with the following patch included: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=942031;filename=lua-lpeg_1.0.0-2ubuntu1.debdiff;msg=5

rhertzog 2020-02-18 10:01 administrator ~0012297	Thanks for the report. I pinged the Debian maintainer privately to try to get the fix into Debian, possibly by packaging the new upstream release 1.0.2. https://tracker.debian.org/pkg/lua-lpeg

rhertzog 2021-07-07 14:09 administrator ~0014887	lua-lpeg 1.0.2 with the fix is in Debian and Kali.

Date Modified	Username	Field	Change
2020-02-17 18:04	OS-69474	New Issue
2020-02-18 10:00	rhertzog	Assigned To	=> rhertzog
2020-02-18 10:00	rhertzog	Status	new => assigned
2020-02-18 10:01	rhertzog	Note Added: 0012297
2020-12-01 10:50	g0tmi1k	Severity	crash => minor
2021-02-21 17:52	g0tmi1k	View Status	private => public
2021-07-07 14:09	rhertzog	Status	assigned => resolved
2021-07-07 14:09	rhertzog	Resolution	open => fixed
2021-07-07 14:09	rhertzog	Note Added: 0014887