KDC segmentation fault on krb5kdc
abhilashvkm at gmail.com
Wed Nov 28 13:02:28 EST 2012
Thanks for the update!.
looks like upgrade to 1.10.X version will help.
>>child KDC process dies, the master process kills all of the other child
processes and exits
I saw this issue, in last few occurrence,where process hangs when child
process get segmentation fault.
Does any network/system setting trigger this.
we are running under Linux ( 2.6.32-300.4.1.el5uek Architecture:
we need to understand is there any specific scenario/test case where null
pointer dereference vulnerability in krb5 will trigger.(we didn't see this
On Wed, Nov 28, 2012 at 9:41 AM, Abhilash S <abhilashvkm at gmail.com> wrote:
> ---------- Forwarded message ----------
> From: Greg Hudson <ghudson at mit.edu>
> Date: Wed, Nov 28, 2012 at 8:26 AM
> Subject: Re: KDC segmentation fault on krb5kdc
> To: Abhilash S <abhilashvkm at gmail.com>
> Cc: krbdev at mit.edu
> On 11/27/2012 01:34 PM, Abhilash S wrote:
> > we are running krb5 in thread option (krb5kdc -w 4)
> The krb5kdc -w flag does not use threads, just processes.
> > some times child process hangs with out a clean shutdown and we need to
> > manually kill the hanging process
> Having to manually kill KDC processes after a child process crashes is
> unexpected. The intention (which holds true in my tests) is that if any
> child KDC process dies, the master process kills all of the other child
> processes and exits. From the log messages you quote, it looks like the
> master process was at least beginning to do that.
> >>From Syslog we saw segmentation fault on krb5kdc
> > kernel: krb5kdc: segfault at 0 ip 0000000000407781 sp
> > 00007fff250d0ca0 error 4 in krb5kdc[400000+1b000]
> > Is there any issue in running KDC in multithread model ?
> I'm not aware of any issues specific to the krb5kdc worker process
> feature. I am aware of a null pointer dereference vulnerability in krb5
> 1.9.2, however, which is fixed in later releases (1.9.4 or 1.10.x).
> Thanks & Regards,
Thanks & Regards,
More information about the krbdev