debian10/11 ssh from ipv6 address not in /etc/hosts.allow = sshd segfault segfault

To: debian-user@lists.debian.org
Subject: debian10/11 ssh from ipv6 address not in /etc/hosts.allow = sshd segfault segfault
From: raf <debian@raf.org>
Date: Tue, 17 Aug 2021 11:17:05 +1000
Message-id: <YRsOEfjXSD20LSw/@raf.org>
Mail-followup-to: debian-user@lists.debian.org

Hi,

I just noticed many many sshd segfaults listed in
/var/log/kern.log. There are two versions. They look
like this:

  sshd[1086]: segfault at 7fff615eaec8 ip
  00007ff2a586f42f sp 00007fff615eaed0 error 6 in
  libwrap.so.0.7.6[7ff2a586e000+5000]

  sshd[1094]: segfault at 7ffcd3ff6f08 ip
  00007f18d4f5dac7 sp 00007ffcd3ff6ed0 error 6 in
  libc-2.31.so[7f18d4f2a000+14b000]

The hex addresses are different each time, but the rest
is the same.

It happens every time there's an incoming ssh
connection attempt via IPv6 when the IPv6 address isn't
listed in /ertc/hosts.allow. There are many because
it's a cronned backup.

I am using /etc/hosts.allow for sshd and have a mixture
of IPv4 and IPv6 addresses in it.

When I added the IPv6 address in question to
/etc/hosts.allow, the segfaults stopped and the
connections worked.

This started 2 days before I upgraded to debian11 and
there was a different version number for libc (so it's
not new), but it's still happening with debian11.

It might be a bug in libwrap0 (whose version number
didn't change much), or in how openssh-server is using
it.

cheers,
raf

Reply to:

Follow-Ups:
- Re: debian10/11 ssh from ipv6 address not in /etc/hosts.allow = sshd segfault segfault
  - From: Andy Smith <andy@strugglers.net>

Prev by Date: Re: Moving from Testing to Stable + Backports
Next by Date: Relatively boring bullseye upgrade reports
Previous by thread: Re: Debian 11 bullseye Gdm3 nvidia 7200go nouveau glitches and more
Next by thread: Re: debian10/11 ssh from ipv6 address not in /etc/hosts.allow = sshd segfault segfault
Index(es):
- Date
- Thread