Ubuntu
openssl package

Illegal opcode in libssl

Bug #2063271 reported by John Todd Palumbo
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssl (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Many programs using openssl now fail, typically with messages such as

  Illegal instruction (core dumped)

This seems to be a serious error, since it affects, for example, update-manager. Since this makes it harder to get security updates, I would also consider it a security vulnerability.

The issue seems to be that openssl seems to be an attempt to use an illegal opcode. A few sample entries in /var/log/syslog are:

Apr 21 19:16:39 einstein kernel: [495465.431588] traps: update-manager[396881] trap invalid opcode ip:740964b8ac6b sp:7409552125b0 error:0 in libssl.so.3[740964b7a000+5b000]
Apr 21 19:16:55 einstein kernel: [495482.104658] traps: python3[396949] trap invalid opcode ip:73607be8ac6b sp:736074d8d5b0 error:0 in libssl.so.3[73607be7a000+5b000]
Apr 21 19:40:05 einstein kernel: [496871.653271] traps: chrome-gnome-sh[397293] trap invalid opcode ip:79432ffa7c6b sp:7ffd6bc03e70 error:0 in libssl.so.3[79432ff97000+5b000]
Apr 22 16:23:08 einstein kernel: [501744.765118] traps: check-new-relea[400397] trap invalid opcode ip:797c7cc8ac6b sp:797c6cace5b0 error:0 in libssl.so.3[797c7cc7a000+5b000]
Apr 23 15:08:03 einstein kernel: [518701.050526] traps: wget[443588] trap invalid opcode ip:73a8b2eb4c6b sp:7ffc04918740 error:0 in libssl.so.3[73a8b2ea4000+5b000]
Apr 23 15:12:55 einstein kernel: [518992.493020] traps: curl[443851] trap invalid opcode ip:7e4e3951dc6b sp:7ffc804d2ed0 error:0 in libssl.so.3[7e4e3950d000+5b000]
Apr 23 15:13:32 einstein kernel: [519029.181422] traps: apport-gtk[444404] trap invalid opcode ip:7039180f5c6b sp:703902bfaad0 error:0 in libssl.so.3[7039180e5000+5b000]

This bug report itself had to be submitted manually since ubuntu-bug now itself fails.

lsb_release -rd reports:

  Description: Ubuntu 22.04.4 LTS
  Release: 22.04

apt-cache policy openssl reports:

  openssl:
    Installed: 3.0.2-0ubuntu1.15
    Candidate: 3.0.2-0ubuntu1.15
    Version table:
   *** 3.0.2-0ubuntu1.15 500
          500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
          500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
          100 /var/lib/dpkg/status
       3.0.2-0ubuntu1 500
           500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages

/proc/version for my computer gives

  Linux version 6.5.0-28-generic (buildd@lcy02-amd64-098) (x86_64-linux-gnu-gcc-12 (Ubuntu 12.3.0-1ubuntu1~22.04) 12.3.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #29~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu
  Apr 4 14:39:20 UTC 2

/proc/cpuinfo for my computer starts

processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 78
model name : Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
stepping : 3
microcode : 0xf0
cpu MHz : 500.018
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 2
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 22
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities
bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit srbds mmio_stale_data retbleed gds
bogomips : 5199.98
clflush size : 64
cache_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:
...

John Todd Palumbo (jtpalumbo)
information type: Private Security → Public
Revision history for this message
Alex Murray (alexmurray) wrote :

Thanks for reporting this issue - but it is strange since this update has been published since 2024-02-27 and this is the first such report of any issues.

Also given this update has been available for nearly 2 months it is surprising you are seeing errors from it so much later - I wonder if instead whether the on-disk binary has been corrupted? Can you please try reinstalling libssl3 and see if that resolves the issue:

sudo apt install --reinstall libssl3

If this does resolve the issue, it might be worth checking whether you have any failing hardware / disks etc that may have led to this problem.

Revision history for this message
John Todd Palumbo (jtpalumbo) wrote :

Thank you for your quick and helpful reply. A few quick checks make it appear that reinstalling libssl as you suggested has completely resolved the problem.

Thanks also for your suggestion about checking failing hardware. There seems to be no sign of any errors in my drive, but I'll continue to test the drive and my RAM. Perhaps it was just a stray cosmic ray.

Thanks again and best wishes to successful bug smashing!

Seth Arnold (seth-arnold)
affects: openssh (Ubuntu) → openssl (Ubuntu)
Revision history for this message
Adrien Nader (adrien) wrote :

AFAIU there is no issue in the package at the moment so I'll close the report. Thanks for investigating and trying the package reinstallation. (Also, Alex, impressive intuition!)

Changed in openssl (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.