[Pkg-openssl-devel] Bug#665836: Bug#665836: openssh-server: segfault error 6 in libcrypto.so.1.0.0
Karl Chen
quarl+keyword+debbugs.533ecf at nospam.quarl.org
Fri Mar 30 14:17:57 UTC 2012
I have the same problem as Kurt with libcrypto1.0.0 from
libssl1.0.0 version 1.0.1-2. The same happens on two
different i386 hosts.
Among other ways, here are two ways to reproducibly cause
libcrypto to segfault:
- Sshing to a host with libssl1.0.0 1.0.1-2 and running
'ssh-add -l' there causes the sshd process to segfault
- Sshing from a host with libssl1.0.0 1.0.1-2 to another
host causes the ssh client to segfault after
authentication
In both cases the segfault happens in
/usr/lib/i386-linux-gnu/i686/cmov/libcrypto.so.1.0.0 in
vpaes-x86.s, somewhere in vpaes_cbc_encrypt().
The ssh-add segfault happens with an RSA key. If I don't
forward the ssh agent connection (or don't use one at all),
'ssh-add -l' doesn't cause a segfault.
Kernel log:
Mar 30 08:44:43 kernel: sshd[19995]: segfault at b8911000 ip b756c678 sp bfe85f00 error 6 in libcrypto.so.1.0.0[b7503000+1a3000]
Mar 30 08:44:43 kernel: ssh[20661]: segfault at b7ba8000 ip b756e0cd sp bfd4d44c error 4 in libcrypto.so.1.0.0[b7505000+1a3000]
Strace and ltrace don't show anything useful.
strace:
read(3, "...", 16384) = 72
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
ltrace:
23942 --- SIGSEGV (Segmentation fault) ---
23942 +++ killed by SIGSEGV +++
Gdb backtrace (with libssl1.0.0-dbg version 1.0.1-2
installed):
(gdb) bt
#0 vpaes_cbc_encrypt () at vpaes-x86.s:646
#1 0xc585e35b in ?? ()
The outbound openssh-client segfaults trying to connect to
target hosts of various older openssh versions, even with
ssh agent and X forwarding disabled.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: ...
debug1: Trying private key: ...
debug1: Trying private key: ...
debug1: Next authentication method: password
xxx at xxx's password:
zsh: segmentation fault command ssh -a -x -v xxx
Strace/ltrace don't show anything useful.
Gdb backtrace:
(gdb) bt
#0 _vpaes_decrypt_core () at vpaes-x86.s:221
#1 0xb7e4c665 in vpaes_cbc_encrypt () at vpaes-x86.s:641
#2 0x34e2e746 in ?? ()
I've downgraded to libssl1.0.0 version 1.0.0h-1 which works.
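As an added aid to reading the two kernel lines quoted above (an example written for this page, not part of the bug report), the script below decodes the "error N" value, which is the x86 page-fault error code, checks whether the fault address sits on a page boundary, and turns each instruction pointer into an offset inside libcrypto.so.1.0.0 that can be handed to addr2line or objdump. The two log lines are the report's own, embedded here as constructed input; the function and field names are my own.

```python
import re

# Constructed sample input: the two kernel log lines from the report above.
SAMPLE_LOG = """\
Mar 30 08:44:43 kernel: sshd[19995]: segfault at b8911000 ip b756c678 sp bfe85f00 error 6 in libcrypto.so.1.0.0[b7503000+1a3000]
Mar 30 08:44:43 kernel: ssh[20661]: segfault at b7ba8000 ip b756e0cd sp bfd4d44c error 4 in libcrypto.so.1.0.0[b7505000+1a3000]
"""

SEGFAULT_RE = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+) "
    r"in (?P<obj>\S+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\]"
)

PAGE = 0x1000  # i386 page size


def decode_error(err):
    """Decode the x86 page-fault error code the kernel prints as 'error N'.
    bit 0: 0 = page not present, 1 = protection violation
    bit 1: 0 = read access,      1 = write access
    bit 2: 0 = kernel mode,      1 = user mode
    So error 6 is a user-mode write to a not-present page and error 4 a
    user-mode read of a not-present page."""
    return {"present": bool(err & 1), "write": bool(err & 2), "user": bool(err & 4)}


def parse_segfaults(log):
    """Return one dict per kernel segfault line: the decoded fault, whether the
    faulting address is page aligned (typical of running off the end of a
    mapping), and the instruction pointer as an offset into the object."""
    records = []
    for line in log.splitlines():
        m = SEGFAULT_RE.search(line)
        if not m:
            continue
        addr, ip = int(m["addr"], 16), int(m["ip"], 16)
        base, size = int(m["base"], 16), int(m["size"], 16)
        records.append({
            "comm": m["comm"], "pid": int(m["pid"]), "obj": m["obj"],
            "fault_addr": addr,
            "page_aligned": addr % PAGE == 0,
            "ip_in_obj": base <= ip < base + size,
            "ip_offset": ip - base,  # feed to: addr2line -e libcrypto.so.1.0.0 0x<offset>
            **decode_error(int(m["err"])),
        })
    return records


if __name__ == "__main__":
    for r in parse_segfaults(SAMPLE_LOG):
        print(r["comm"], r["pid"], "write" if r["write"] else "read",
              "aligned" if r["page_aligned"] else "unaligned", hex(r["ip_offset"]))
```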