SPNEGO crash on mechanism failure
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krb5 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Xenial |
Fix Released
|
Medium
|
Eric Desrochers |
Bug Description
== SRU JUSTIFICATION ==
[Impact]
* Chrome (and other things) crash (segfault) when Kerberos fails to authenticate.
Thread 22 "Chrome_IOThread" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffdd687700 (LWP 14851)]
spnego_
lifetime_
at ../../.
2315 ../../.
(gdb) bt
#0 spnego_
lifetime_
at ../../.
#1 0x00007fffef72be54 in gss_inquire_context (minor_
targ_
opened=
* context_handle=0x0, segfault occurs trying to dereference a null pointer.
[Test Case]
* Reproducer
See dwmw2's (reporter of the bug) comment #3 :
https:/
[Regression Potential]
* none expected Y and Z release already has the krb5 upstream patch.
* Debian has the patch as well.
* A test package has been tested by more than 1 user with success (can't reproduce the crash) anymore)
[Other Info]
* Upstream fix :
https:/
* Pull Request :
https:/
* Chrome Bug :
https:/
* A test pkg including the upstream commit has been proven to fix the crash. See: https:/
==
[Original Description]
Chrome (and other things) crash when Kerberos fails to authenticate:
https:/
This was fixed in MIT krb5 in January:
https:/
Thread 22 "Chrome_IOThread" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffdd687700 (LWP 14851)]
spnego_
lifetime_
at ../../.
2315 ../../.
(gdb) bt
#0 spnego_
lifetime_
at ../../.
#1 0x00007fffef72be54 in gss_inquire_context (minor_
targ_
opened=
Changed in krb5 (Ubuntu): | |
importance: | Undecided → Low |
assignee: | nobody → Eric Desrochers (slashd) |
status: | Confirmed → In Progress |
description: | updated |
Changed in krb5 (Ubuntu): | |
importance: | Low → Medium |
description: | updated |
description: | updated |
Changed in krb5 (Ubuntu Xenial): | |
importance: | Undecided → Medium |
assignee: | nobody → Eric Desrochers (slashd) |
Changed in krb5 (Ubuntu): | |
status: | In Progress → Fix Released |
Changed in krb5 (Ubuntu Xenial): | |
status: | New → Confirmed |
status: | Confirmed → In Progress |
description: | updated |
description: | updated |
Changed in krb5 (Ubuntu): | |
assignee: | Eric Desrochers (slashd) → nobody |
description: | updated |
tags: | removed: sts-sponsor |
description: | updated |
tags: | removed: sts-sru |
tags: | added: sts-sru |
tags: |
added: sts-sru-done removed: sts-sru |
Status changed to 'Confirmed' because the bug affects multiple users.