2021-03-26 15:18:05 |
Mahantesh Salimath |
bug |
|
|
added bug |
2021-04-30 19:52:34 |
Mahantesh Salimath |
description |
"double free" error is seen when using curl utility. Error is from libcrypto.so which is part of the OpenSSL package. This happens only when OpenSSL is configured to use a dynamic engine.
OpenSSL version is 1.1.1f
This issue is not encountered if http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.
# curl -O https://tpo.pe/pathogen.vim
double free or corruption (out)
Aborted (core dumped) |
"double free" error is seen when using curl utility. Error is from libcrypto.so which is part of the OpenSSL package. This happens only when OpenSSL is configured to use a dynamic engine.
OpenSSL version is 1.1.1f
The issue is not encountered if http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.
OpenSSL can be configured to use a dynamic engine by editing the default openssl config file which is located at '/etc/ssl/openssl.cnf' on Ubuntu systems.
On Bluefield systems, config diff to enable PKA dynamic engine, is as below:
+openssl_conf = conf_section
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
+[ conf_section ]
+engines = engine_section
+
+[ engine_section ]
+bf = bf_section
+
+[ bf_section ]
+engine_id=pka
+dynamic_path=/usr/lib/aarch64-linux-gnu/engines-1.1/pka.so
+init=0
+
engine_id above refers to dynamic engine name/identifier.
dynamic_path points to the .so file for the dynamic engine.
# curl -O https://tpo.pe/pathogen.vim
double free or corruption (out)
Aborted (core dumped) |
|
2021-04-30 21:04:16 |
Mahantesh Salimath |
attachment added |
|
Core dump file https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1921518/+attachment/5493968/+files/core-curl.32878.localhost.localdomain.1619816112 |
|
2021-05-19 21:26:30 |
Dimitri John Ledkov |
information type |
Public |
Private |
|
2021-05-19 21:28:29 |
Dimitri John Ledkov |
information type |
Private |
Private Security |
|
2021-05-19 23:50:06 |
Dimitri John Ledkov |
bug |
|
|
added subscriber Andrew Cloke |
2021-05-20 00:12:31 |
Dimitri John Ledkov |
information type |
Private Security |
Private |
|
2021-05-20 00:12:46 |
Dimitri John Ledkov |
information type |
Private |
Public |
|
2021-05-20 00:13:50 |
Dimitri John Ledkov |
information type |
Public |
Private Security |
|
2021-05-20 00:15:45 |
Dimitri John Ledkov |
removed subscriber Andrew Cloke |
|
|
|
2021-05-20 00:24:20 |
Dimitri John Ledkov |
bug |
|
|
added subscriber OEM Solutions Group |
2021-05-20 00:38:30 |
Dimitri John Ledkov |
bug |
|
|
added subscriber cwayne |
2021-05-20 00:38:41 |
Dimitri John Ledkov |
removed subscriber cwayne |
|
|
|
2021-05-20 00:38:53 |
Dimitri John Ledkov |
bug |
|
|
added subscriber Chris Wayne |
2021-05-20 14:52:31 |
Rex Tsai |
bug |
|
|
added subscriber Rex Tsai |
2021-06-15 16:05:45 |
Nick Moffitt |
removed subscriber Chris Wayne |
|
|
|
2021-08-16 14:48:47 |
Mahantesh Salimath |
bug |
|
|
added subscriber Vladimir Sokolovsky |
2021-08-18 19:51:11 |
Mahantesh Salimath |
bug |
|
|
added subscriber Peter Kjersgard |
2021-08-18 22:32:32 |
Dimitri John Ledkov |
bug |
|
|
added subscriber Canonical Foundations Team |
2021-08-18 22:44:08 |
Dimitri John Ledkov |
openssl (Ubuntu): importance |
Undecided |
Critical |
|
2021-08-18 22:44:10 |
Dimitri John Ledkov |
information type |
Private Security |
Public Security |
|
2021-08-19 19:35:16 |
Brian Murray |
nominated for series |
|
Ubuntu Focal |
|
2021-08-19 19:35:16 |
Brian Murray |
bug task added |
|
openssl (Ubuntu Focal) |
|
2021-08-19 19:50:54 |
Brian Murray |
openssl (Ubuntu Focal): importance |
Undecided |
Critical |
|
2021-08-20 13:24:08 |
Dimitri John Ledkov |
openssl (Ubuntu): status |
New |
Incomplete |
|
2021-08-20 13:24:10 |
Dimitri John Ledkov |
openssl (Ubuntu Focal): status |
New |
Incomplete |
|
2021-08-20 13:24:12 |
Dimitri John Ledkov |
openssl (Ubuntu Focal): importance |
Critical |
Undecided |
|
2021-08-20 13:24:14 |
Dimitri John Ledkov |
openssl (Ubuntu): importance |
Critical |
Undecided |
|
2021-08-26 00:54:11 |
Dimitri John Ledkov |
cve linked |
|
2021-3711 |
|
2021-08-26 00:54:11 |
Dimitri John Ledkov |
cve linked |
|
2021-3712 |
|
2021-09-01 07:28:46 |
Alfonso Sanchez-Beato |
bug |
|
|
added subscriber Alfonso Sanchez-Beato |
2021-10-28 06:56:41 |
Eyal Itkin |
bug |
|
|
added subscriber Eyal Itkin |
2021-11-09 15:59:57 |
Vladimir Sokolovsky |
bug |
|
|
added subscriber Alex Kaluzhny |
2021-11-10 22:00:19 |
Matthieu Clemenceau |
tags |
|
fr-1852 |
|
2021-11-12 17:05:32 |
Julian Andres Klode |
bug task added |
|
wget (Ubuntu) |
|
2021-11-12 17:05:39 |
Julian Andres Klode |
bug task added |
|
curl (Ubuntu) |
|
2021-11-12 17:06:01 |
Julian Andres Klode |
curl (Ubuntu): status |
New |
Fix Released |
|
2021-11-12 17:06:04 |
Julian Andres Klode |
wget (Ubuntu): status |
New |
Fix Released |
|
2021-11-12 17:06:08 |
Julian Andres Klode |
wget (Ubuntu Focal): status |
New |
Triaged |
|
2021-11-12 17:06:11 |
Julian Andres Klode |
curl (Ubuntu Focal): status |
New |
Triaged |
|
2021-11-12 17:15:49 |
Julian Andres Klode |
description |
"double free" error is seen when using curl utility. Error is from libcrypto.so which is part of the OpenSSL package. This happens only when OpenSSL is configured to use a dynamic engine.
OpenSSL version is 1.1.1f
The issue is not encountered if http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.
OpenSSL can be configured to use a dynamic engine by editing the default openssl config file which is located at '/etc/ssl/openssl.cnf' on Ubuntu systems.
On Bluefield systems, config diff to enable PKA dynamic engine, is as below:
+openssl_conf = conf_section
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
+[ conf_section ]
+engines = engine_section
+
+[ engine_section ]
+bf = bf_section
+
+[ bf_section ]
+engine_id=pka
+dynamic_path=/usr/lib/aarch64-linux-gnu/engines-1.1/pka.so
+init=0
+
engine_id above refers to dynamic engine name/identifier.
dynamic_path points to the .so file for the dynamic engine.
# curl -O https://tpo.pe/pathogen.vim
double free or corruption (out)
Aborted (core dumped) |
[Impact]
openssl config file is being loaded twice, causing engines to be loaded twice if specified therein, causing double free errors and other strange behavior.
[Test plan]
Run the command of the package being tested in
gdb -ex "break CONF_modules_load_file" -ex "run" --args
and make sure it only breaks one.
[Where problems could occur]
wget: This is an upstream change that changes initialization and is in use in later releases. Since it mostly removes an unneeded call to the load file function, a regression could be a config file being ignored, but it seems unlikely given the use in later releases
[Original bug report]
"double free" error is seen when using curl utility. Error is from libcrypto.so which is part of the OpenSSL package. This happens only when OpenSSL is configured to use a dynamic engine.
OpenSSL version is 1.1.1f
The issue is not encountered if http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.
OpenSSL can be configured to use a dynamic engine by editing the default openssl config file which is located at '/etc/ssl/openssl.cnf' on Ubuntu systems.
On Bluefield systems, config diff to enable PKA dynamic engine, is as below:
+openssl_conf = conf_section
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
+[ conf_section ]
+engines = engine_section
+
+[ engine_section ]
+bf = bf_section
+
+[ bf_section ]
+engine_id=pka
+dynamic_path=/usr/lib/aarch64-linux-gnu/engines-1.1/pka.so
+init=0
+
engine_id above refers to dynamic engine name/identifier.
dynamic_path points to the .so file for the dynamic engine.
# curl -O https://tpo.pe/pathogen.vim
double free or corruption (out)
Aborted (core dumped) |
|
2021-11-12 17:16:23 |
Julian Andres Klode |
wget (Ubuntu Focal): status |
Triaged |
In Progress |
|
2021-11-12 17:40:28 |
Julian Andres Klode |
bug task deleted |
curl (Ubuntu) |
|
|
2021-11-12 17:40:33 |
Julian Andres Klode |
bug task deleted |
curl (Ubuntu Focal) |
|
|
2021-11-12 17:54:42 |
Steve Langasek |
wget (Ubuntu Focal): status |
In Progress |
Incomplete |
|
2021-11-12 20:09:21 |
Julian Andres Klode |
description |
[Impact]
openssl config file is being loaded twice, causing engines to be loaded twice if specified therein, causing double free errors and other strange behavior.
[Test plan]
Run the command of the package being tested in
gdb -ex "break CONF_modules_load_file" -ex "run" --args
and make sure it only breaks one.
[Where problems could occur]
wget: This is an upstream change that changes initialization and is in use in later releases. Since it mostly removes an unneeded call to the load file function, a regression could be a config file being ignored, but it seems unlikely given the use in later releases
[Original bug report]
"double free" error is seen when using curl utility. Error is from libcrypto.so which is part of the OpenSSL package. This happens only when OpenSSL is configured to use a dynamic engine.
OpenSSL version is 1.1.1f
The issue is not encountered if http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.
OpenSSL can be configured to use a dynamic engine by editing the default openssl config file which is located at '/etc/ssl/openssl.cnf' on Ubuntu systems.
On Bluefield systems, config diff to enable PKA dynamic engine, is as below:
+openssl_conf = conf_section
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
+[ conf_section ]
+engines = engine_section
+
+[ engine_section ]
+bf = bf_section
+
+[ bf_section ]
+engine_id=pka
+dynamic_path=/usr/lib/aarch64-linux-gnu/engines-1.1/pka.so
+init=0
+
engine_id above refers to dynamic engine name/identifier.
dynamic_path points to the .so file for the dynamic engine.
# curl -O https://tpo.pe/pathogen.vim
double free or corruption (out)
Aborted (core dumped) |
[Impact]
openssl config file is being loaded twice, causing engines to be loaded twice if specified therein, causing double free errors and other strange behavior.
[Test plan]
Run the command of the package being tested in
gdb -ex "break CONF_modules_load_file" -ex "run" --args
and make sure it only breaks one.
Regression test:
In default Ubuntu configuration, either no openssl configuration is provided, or it contains no settings that affect wget. This code path changes how/when openssl configuration is loaded and used by openssl. One should verify that:
1) wget continues to work without openssl.cnf
2) wget continues to work with stock ubuntu unmodified openssl.cnf
3) wget continue to honor and use custom TLS settings that one may have specified in openssl.cnf (for example custom engine)
[Where problems could occur]
wget: This is an upstream change that changes initialization and is in use in later releases. Since it mostly removes an unneeded call to the load file function, a regression could be a config file being ignored, but it seems unlikely given the use in later releases
[Original bug report]
"double free" error is seen when using curl utility. Error is from libcrypto.so which is part of the OpenSSL package. This happens only when OpenSSL is configured to use a dynamic engine.
OpenSSL version is 1.1.1f
The issue is not encountered if http://www.openssl.org/source/openssl-1.1.1f.tar.gz is used instead.
OpenSSL can be configured to use a dynamic engine by editing the default openssl config file which is located at '/etc/ssl/openssl.cnf' on Ubuntu systems.
On Bluefield systems, config diff to enable PKA dynamic engine, is as below:
+openssl_conf = conf_section
+
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
+[ conf_section ]
+engines = engine_section
+
+[ engine_section ]
+bf = bf_section
+
+[ bf_section ]
+engine_id=pka
+dynamic_path=/usr/lib/aarch64-linux-gnu/engines-1.1/pka.so
+init=0
+
engine_id above refers to dynamic engine name/identifier.
dynamic_path points to the .so file for the dynamic engine.
# curl -O https://tpo.pe/pathogen.vim
double free or corruption (out)
Aborted (core dumped) |
|
2021-11-15 13:56:54 |
Julian Andres Klode |
wget (Ubuntu Focal): status |
Incomplete |
In Progress |
|
2021-11-15 14:19:28 |
Łukasz Zemczak |
wget (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
2021-11-15 14:19:30 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2021-11-15 14:19:32 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
2021-11-15 14:19:38 |
Łukasz Zemczak |
tags |
fr-1852 |
fr-1852 verification-needed verification-needed-focal |
|
2021-11-15 23:52:39 |
Seth Arnold |
attachment added |
|
archive grep for CONF_modules_load_file https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1921518/+attachment/5541087/+files/openssl-conf-modules-load-file-15-10%3A46%3A37.gz |
|
2021-11-17 10:46:56 |
Mathew Hodson |
bug task deleted |
openssl (Ubuntu Focal) |
|
|
2021-11-17 10:47:03 |
Mathew Hodson |
bug task deleted |
openssl (Ubuntu) |
|
|
2021-11-23 15:19:01 |
Julian Andres Klode |
tags |
fr-1852 verification-needed verification-needed-focal |
fr-1852 verification-done verification-done-focal |
|
2021-11-25 11:00:00 |
Launchpad Janitor |
wget (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2021-11-25 11:00:16 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|