[Pkg-openssl-devel] Bug#1110254: Bug#1110254: libssl3: segfault in libcrypto.so.3
Thomas Stangner
thomas at shadowweb.org
Mon Aug 4 15:14:16 BST 2025
Hi,
I am experiencing the same problems described here: MariaDB and
PostgreSQL services are segfaulting after the update to
libssl3-3.0.17-1~deb12u1.
According to my tests, segfaults only occur in multithreaded conditions
- for example if multiple MySQL clients connect at the same time to the
MariaDB server.
I can confirm that reverting the following patches (which rework the
x509 store code) resolves the problem:
https://github.com/openssl/openssl/commit/7141330fb98ceab643729f2d0f445f79f26addce
https://github.com/openssl/openssl/commit/340383f5f49f84ed802dac268e6c12971d837f75
https://github.com/openssl/openssl/commit/a468bdb02531e47d89119444dafd35e9dbe09cdf
My guess is that the code changes broke thread safety of libssl and that
additional locking (either in libssl or the caller side) is needed to
prevent the race and the resulting corruption.
More information about the Pkg-openssl-devel
mailing list