Versions Affected : All versions prior to TrueNAS 12.0-U5


Description

libcasper(3) allows Capsicum-sandboxed applications to define and use system interfaces which are ordinarily disallowed. It is used by multiple programs in the base system, such as logger(1).

libcasper(3) creates service processes by forking the calling process, so they initially inherit the calling process’ file descriptor table. Casper services expect the lowest 3 file descriptors, traditionally corresponding to standard input, output, and error, are redirected to /dev/null. libcasper(3) ensures this is the case. However, it did not handle the possibility that one of them is closed, and this scenario would trigger an assertion failure during service creation, resulting in a crash. Some applications, such as logger(1), may crash if one of the standard descriptors is closed when Casper services are started, typically during program initialization.


Workaround

No workaround is available.


Mitigation

  • Upgrade to TrueNAS 12.0-U5 or later.

Commit


Further information