[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#361669: openssh-server: glibc detected - double free or corruption (prebanner crash)

Package: openssh-server
Version: 1:4.2p1-7
Severity: grave
Justification: renders package unusable


When I start the SSH service, it boots fine and doesn't say anything strange. However, when I connect to it, the child process serving the connection crashes pre-banner (just after the connection is established, before the SSH server says anything).

If I run it in debug mode, it says:

debug2: fd 3 setting O_NONBLOCK
debug3: privsep user:group 101:65534
debug1: permanently_set_uid: 101/65534
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug3: mm_request_send entering: type 37
debug3: mm_request_receive_expect entering: type 38
debug3: mm_request_receive entering
debug2: Network child is on pid 4163
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: monitor_read: checking request 37
*** glibc detected *** double free or corruption (!prev): 0x0809c058 ***
/etc/init.d/ssh: line 37:  4162 Aborted                 start-stop-daemon --star
t --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS

And here's another debug mode run:

debug3: privsep user:group 101:65534
debug1: permanently_set_uid: 101/65534
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug3: mm_request_send entering: type 37
debug3: mm_request_receive_expect entering: type 38
debug3: mm_request_receive entering
debug2: Network child is on pid 1557
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: monitor_read: checking request 37
*** glibc detected *** double free or corruption (!prev): 0x0809c060 ***
/etc/init.d/ssh: line 37:  1556 Aborted                 start-stop-daemon --star
t --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages openssh-server depends on:
ii  adduser       3.85                       Add and remove users and groups
ii  debconf [debc 1.4.72                     Debian configuration management sy
ii  dpkg          1.13.17                    package maintenance system for Deb
ii  libc6         2.3.6-3                    GNU C Library: Shared libraries an
ii  libcomerr2    1.38+1.39-WIP-2005.12.31-1 common error description library
ii  libkrb53      1.4.3-6                    MIT Kerberos runtime libraries
ii  libpam-module 0.79-3.1                   Pluggable Authentication Modules f
ii  libpam-runtim 0.79-3.1                   Runtime support for the PAM librar
ii  libpam0g      0.79-3.1                   Pluggable Authentication Modules l
ii  libselinux1   1.30-1                     SELinux shared libraries
ii  libssl0.9.8   0.9.8a-7                   SSL shared libraries
ii  libwrap0      7.6.dbs-9                  Wietse Venema's TCP wrappers libra
ii  openssh-clien 1:4.2p1-7                  Secure shell client, an rlogin/rsh
ii  zlib1g        1:1.2.3-11                 compression library - runtime

openssh-server recommends no packages.

-- debconf information:
  ssh/insecure_rshd:
* ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
  ssh/encrypted_host_key_but_no_keygen:
  ssh/disable_cr_auth: false
Reply to: