Ubuntu
myproxy package

myproxy-logon segfault in libcrypto

Bug #1827999 reported by Graziano
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
myproxy (Ubuntu)
New
Undecided
Unassigned

Bug Description

lsb_release -rb
Description: Ubuntu 18.04.2 LTS
Release: 18.04

Package:

myproxy:
  Installed: 6.1.28-2
  Candidate: 6.1.28-2
  Version table:
 *** 6.1.28-2 500
        500 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status

myproxy-logon -s xxxx.xxxx.xxxx.xxx -l username
Enter MyProxy pass phrase:
Segmentation fault (core dumped)

gdb dump:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff722bd9b in i2c_ASN1_INTEGER ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
(gdb) where
#0 0x00007ffff722bd9b in i2c_ASN1_INTEGER ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#1 0x00007ffff7236f5f in asn1_ex_i2c ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#2 0x00007ffff723706a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#3 0x00007ffff7237326 in ASN1_item_ex_i2d ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#4 0x00007ffff723799f in ?? ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#5 0x00007ffff7237407 in ASN1_item_ex_i2d ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#6 0x00007ffff7237a61 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#7 0x00007ffff7237407 in ASN1_item_ex_i2d ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#8 0x00007ffff723763f in ?? ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#9 0x00007ffff72469ce in PEM_ASN1_write_bio ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#10 0x00007ffff72487c9 in PEM_write_bio_X509 ()
   from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#11 0x00007ffff7bc02c1 in ssl_proxy_to_pem ()
---Type <return> to continue, or q <return> to quit---
   from /usr/lib/x86_64-linux-gnu/libmyproxy.so.6
#12 0x00007ffff7ba943c in GSI_SOCKET_delegation_accept ()
   from /usr/lib/x86_64-linux-gnu/libmyproxy.so.6
#13 0x00007ffff7bae044 in myproxy_accept_delegation_ex ()
   from /usr/lib/x86_64-linux-gnu/libmyproxy.so.6
#14 0x00007ffff7bb6584 in myproxy_get_delegation ()
   from /usr/lib/x86_64-linux-gnu/libmyproxy.so.6
#15 0x0000555555555d9e in ?? ()
#16 0x00007ffff6d27b97 in __libc_start_main ()
   from /lib/x86_64-linux-gnu/libc.so.6
#17 0x00005555555560da in ?? ()

Revision history for this message
Graziano (graziano-giuliani-gmail) wrote :

May be something similar to this CVE:

https://www.openssl.org/news/secadv/20160503.txt

?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.