15.3 PRC: ssh audit race crashes

Bernd ecki at zusammenkunft.net
Sun May 16 03:39:28 UTC 2021 

Hello,

a while back (15.1) I had an support ticket (00202015) open for sshd
crashing or closing connections if sftp with high frequency of logins is
used. This was supposed to be fixed by this:Bz#1174162
(openssh-7.1p2-audit-race-condition.patch) which I do not see in the
changelog, and the rejections and crashes happen again.

Have all those fixes be backported to this or will there be an update to
this package available after the release?

localhost sshd[31128]: fatal: mm_request_receive_expect: read: rtype 123 !=
type 115
localhost sshd[32288]: fatal: mm_request_receive_expect: read: rtype 115 !=
type 123
localhost kernel: [10140.368402] sshd[32288]: segfault at 308 ip
00005560d39aa1f2 sp 00007fffe4488b60 error 4 in sshd[5560d3951000+d6000]
localhost kernel: [10140.368418] Code: 00 0f 1f 80 00 00 00 00 b8 fd ff ff
ff c3 66 2e 0f 1f 84 00 00 00 00 00 48 85 ff 74 3b 48 8b 87 20 01 00 00 48
85 c0 74 2f 53 <8b> 40 18 48 89 fb a8 02 75 2c a8 04 75 40 48 8b 7b 08 e8
77 4a fb
localhost systemd[1]: Started Process Core Dump (PID 32289/UID 0).
localhost systemd-coredump[32290]: Process 32288 (sshd) of user 1000 dumped
core.#012#012Stack trace of thread 32288:#012#0  0x00005560d39aa1f2 n/a
(sshd + 0x591f2)#012#1  0x00005560d39b0f30 n/a (sshd + 0x5ff30)#012#2
 0x00005560d3963da4 n/a (sshd + 0x12da4)#012#3  0x00005560d39aa70b n/a
(sshd + 0x5970b)#012#4  0x00005560d398243e n/a (sshd + 0x3143e)#012#5
 0x00005560d398504c n/a (sshd + 0x3404c)#012#6  0x00005560d39ae65d n/a
(sshd + 0x5d65d)#012#7  0x00005560d3974cac n/a (sshd + 0x23cac)#012#8
 0x00005560d39769fc n/a (sshd + 0x259fc)#012#9  0x00005560d3977ba1 n/a
(sshd + 0x26ba1)#012#10 0x00005560d39786f8 n/a (sshd + 0x276f8)#012#11
0x00005560d396cbee n/a (sshd + 0x1bbee)#012#12 0x00005560d39b64ea n/a (sshd
+ 0x654ea)#012#13 0x00005560d39b6599 n/a (sshd + 0x65599)#012#14
0x00005560d396e5ec n/a (sshd + 0x1d5ec)#012#15 0x00005560d3977233 n/a (sshd
+ 0x26233)#012#16 0x00005560d3961234 n/a (sshd + 0x10234)#012#17
0x00007fc44a5d034d __libc_start_main (libc.so.6 + 0x2534d)#012#18
0x00005560d3962eea n/a (sshd + 0x11eea)

Its a bit hard to replicate, but it is Apacke Mina sshd doing simple sftp
file uploads with some parallelity. I also tried internal-sftp subsystem,
ut it does not really help.

Gruss
Bernd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-beta/attachments/20210516/78fc7cbb/attachment.htm>

More information about the sle-beta mailing list