[SRU] segmentation fault for all https operations in libcrypto.so.1.0.0 on 'legacy' Intel Xeon CPUs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenSSL |
Fix Released
|
Unknown
|
|||
openssl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
High
|
Adam Gandelman | ||
s3cmd (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
Undecided
|
Unassigned |
Bug Description
[IMPACT]
https operations that make use of openssl/libcrypto on specific legacy Intel CPUs results in SIGSEGV. This includes everything from utilities like wget and curl, to mail servers and everything in between.
[TESTCASE]
curl or wget a URL via the HTTPS, observe segfault. One user reports this is reproducible on Intel Xeon(TM) CPU 3.40GHz cpu family: 15.
[DEVELOPMENT FIX]
This bug has been fixed upstream since April 2012, see http://
[Regression Potential]
Low, relatively trivial patch that only uses 4_hmac_md56_cipher if the architecture is capable.
>> Original Bug <<
All `s3cmd` commands fail with a Segmentation Fault on Ubuntu 12.04 Precise Pangolin if `use_https = True` is set in the `$HOME/.s3cfg` file.
$ apt-cache policy s3cmd
s3cmd:
Installed: 1.0.0-1
Candidate: 1.0.0-1
Version table:
*** 1.0.0-1 0
500 http://
100 /var/lib/
$ s3cmd du
DEBUG: Updating Config.Config encoding -> UTF-8
DEBUG: Updating Config.Config follow_symlinks -> False
DEBUG: Updating Config.Config verbosity -> 30
DEBUG: Unicodising 'du' using UTF-8
DEBUG: Command: du
DEBUG: SignHeaders: 'GET\n\
DEBUG: CreateRequest: resource[uri]=/
DEBUG: SignHeaders: 'GET\n\
DEBUG: Processing request, please wait...
DEBUG: get_hostname(None): s3.amazonaws.com
DEBUG: format_uri(): /
Segmentation fault
$ gdb python
GNU gdb (Ubuntu/Linaro 7.4-2012.
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://
Reading symbols from /usr/bin/
(gdb) run /usr/bin/s3cmd du
Starting program: /usr/bin/python /usr/bin/s3cmd du
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff721b031 in RC4 () from /lib/x86_
(gdb) backtrace
#0 0x00007ffff721b031 in RC4 () from /lib/x86_
#1 0x00000000000000db in ?? ()
#2 0x000000000000009f in ?? ()
#3 0x0000000000ed91f0 in ?? ()
#4 0x00007ffff7281609 in ?? () from /lib/x86_
#5 0x00007ffff7583b0f in ?? () from /lib/x86_
#6 0x00007ffff757adb8 in ?? () from /lib/x86_
#7 0x00007ffff757b0e4 in ?? () from /lib/x86_
#8 0x000000000056f7ec in ?? ()
#9 0x0000000000562ad2 in PyEval_EvalFrameEx ()
#10 0x000000000056a166 in PyEval_EvalCodeEx ()
#11 0x000000000056312e in PyEval_EvalFrameEx ()
#12 0x000000000056a166 in PyEval_EvalCodeEx ()
#13 0x000000000056312e in PyEval_EvalFrameEx ()
#14 0x0000000000563070 in PyEval_EvalFrameEx ()
#15 0x000000000056a166 in PyEval_EvalCodeEx ()
#16 0x000000000056312e in PyEval_EvalFrameEx ()
#17 0x000000000056a166 in PyEval_EvalCodeEx ()
#18 0x000000000056312e in PyEval_EvalFrameEx ()
#19 0x0000000000563070 in PyEval_EvalFrameEx ()
#20 0x000000000056a166 in PyEval_EvalCodeEx ()
#21 0x000000000056312e in PyEval_EvalFrameEx ()
#22 0x000000000056a166 in PyEval_EvalCodeEx ()
#23 0x000000000056312e in PyEval_EvalFrameEx ()
#24 0x0000000000563070 in PyEval_EvalFrameEx ()
#25 0x0000000000563070 in PyEval_EvalFrameEx ()
#26 0x0000000000563070 in PyEval_EvalFrameEx ()
#27 0x0000000000563070 in PyEval_EvalFrameEx ()
#28 0x000000000056a166 in PyEval_EvalCodeEx ()
#29 0x000000000055f10b in ?? ()
#30 0x000000000055f9d4 in PyRun_FileExFlags ()
#31 0x000000000055fc41 in PyRun_SimpleFil
#32 0x000000000056102d in Py_Main ()
#33 0x00007ffff68e576d in __libc_start_main () from /lib/x86_
#34 0x000000000041b971 in _start ()
Changed in openssl: | |
status: | Unknown → Fix Released |
description: | updated |
Changed in openssl (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in s3cmd (Ubuntu Precise): | |
status: | New → Invalid |
Changed in openssl (Ubuntu Precise): | |
status: | New → Confirmed |
importance: | Undecided → High |
milestone: | none → ubuntu-12.04.1 |
summary: |
[SRU] segmentation fault for all https operations in libcrypto.so.1.0.0 + on 'legacy' Intel Xeon CPUs |
Changed in openssl (Ubuntu Precise): | |
status: | Confirmed → In Progress |
assignee: | nobody → Adam Gandelman (gandelman-a) |
tags: | added: verification-done |
tags: |
added: verification-done removed: verification-needed |
Changed in openssl (Ubuntu Precise): | |
milestone: | ubuntu-12.04.1 → ubuntu-12.04.2 |
Status changed to 'Confirmed' because the bug affects multiple users.