[Pkg-openssl-devel] Bug#1013451: openssh-client: double free or corruption

Chris Hofstaedtler zeha at debian.org
Thu Jul 28 01:42:10 BST 2022


Control: reassign -1 libssl3
Control: affects -1 openssh-client

* Antonio <antdev66 at gmail.com>:
[..]
> #6 0x00007ffff7b2bd2cin ??() from /usr/lib/x86_64-linux-gnu/libcrypto.so.3
> #7 0x00007ffff7b1858ein BN_mod_exp_mont_consttime_x2() from
> /usr/lib/x86_64-linux-gnu/libcrypto.so.3
> #8 0x00007ffff7c77b6din ??() from /usr/lib/x86_64-linux-gnu/libcrypto.so.3
> #9 0x00007ffff7c79010in ??() from /usr/lib/x86_64-linux-gnu/libcrypto.so.3
> #10 0x00007ffff7c7d0d1in RSA_sign() from
> /usr/lib/x86_64-linux-gnu/libcrypto.so.3
> #11 0x00005555555d6ee0in ssh_rsa_sign(key=key at entry=0x5555556c89e0,
> sigp=sigp at entry=0x7fffffffc3c0,
> lenp=lenp at entry=0x7fffffffc3c8, data=data at entry=0x5555556b6e70 "",
> datalen=<optimized out>,
> alg_ident=alg_ident at entry=0x5555556b2da0 "rsa-sha2-512") at
> ../../ssh-rsa.c:206
[..]

* Andreas Tille <andreas at an3as.eu>:
>   2022-06-23 10:54:50 status installed libssl3:amd64 3.0.4-1


Might have been https://github.com/openssl/openssl/issues/18625 ?
Reassigning to libssl3 so the OpenSSL maintainers can make a
decision about this bug.

Chris




More information about the Pkg-openssl-devel mailing list