Ubuntu
libpam-radius-auth package

mysql crashed with a buffer overflow in /lib/security/pam_radius_auth.so

Bug #1708659 reported by Andy brown on 2017-08-04

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	libpam-radius-auth (Ubuntu)	New	Undecided	Unassigned

Bug Description

I've been testing pam authentication for mysql, and it's been working well. But when I connected to mysql today, it crashed and reported the following:

*** buffer overflow detected ***: /usr/sbin/mysqld terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f0d6dca97e5]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7f0d6dd4b11c]
/lib/x86_64-linux-gnu/libc.so.6(+0x117120)[0x7f0d6dd49120]
/lib/x86_64-linux-gnu/libc.so.6(+0x119067)[0x7f0d6dd4b067]
/lib/security/pam_radius_auth.so(+0x26a3)[0x7edd04af26a3]
/lib/security/pam_radius_auth.so(pam_sm_authenticate+0x22e)[0x7edd04af34ae]
/lib/x86_64-linux-gnu/libpam.so.0(+0x2ea6)[0x7edda33efea6]
/lib/x86_64-linux-gnu/libpam.so.0(pam_authenticate+0x2d)[0x7edda33ef61d]
/usr/lib/mysql/plugin/auth_pam.so(authenticate_user_with_pam_server+0xfa)[0x7edda35fc80a]
/usr/sbin/mysqld[0x77db75]
/usr/sbin/mysqld(_Z16acl_authenticateP3THD19enum_server_commandb+0x1085)[0x7816f5]
/usr/sbin/mysqld[0xc19894]
/usr/sbin/mysqld(_Z22thd_prepare_connectionP3THDb+0x69)[0xc1b309]
/usr/sbin/mysqld(_Z25threadpool_add_connectionP3THD+0x12a)[0xd0890a]
/usr/sbin/mysqld[0xd179e8]
/usr/sbin/mysqld(pfs_spawn_thread+0x1b4)[0x1229a04]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba)[0x7f0d6e8a46ba]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f0d6dd393dd]

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libpam-radius-auth 1.3.17-0ubuntu4
ProcVersionSignature: Ubuntu 4.4.0-83.106-generic 4.4.70
Uname: Linux 4.4.0-83-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.6
Architecture: amd64
Date: Fri Aug 4 13:07:45 2017
InstallationDate: Installed on 2017-06-21 (43 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
JournalErrors:
Error: command ['journalctl', '-b', '--priority=warning', '--lines=1000'] failed with exit code 1: Hint: You are currently not seeing messages from other users and the system.
Users in the 'systemd-journal' group can see all messages. Pass -q to
turn off this notice.
No journal files were opened due to insufficient permissions.
SourcePackage: libpam-radius-auth
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.pam_radius_auth.conf: [modified]
mtime.conffile..etc.pam_radius_auth.conf: 2017-07-11T16:33:50.761355

Tags:

Revision history for this message

Andy brown (andybrown668) wrote on 2017-08-04:

Dependencies.txt Edit (1.3 KiB, text/plain; charset="utf-8")
ProcCpuinfoMinimal.txt Edit (1.1 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (110 bytes, text/plain; charset="utf-8")

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulibpam-radius-auth package