KB Article #181789

Crash with SIGSEGV in libssl.so.1.1 at tls1_process_sigalgs

Problem

A crash with SIGSEGV in libssl.so.1.1 at tls1_process_sigalgs is observed, showing a stack trace similar to the following:

#5  0x0000000000000000 in signalHandler(int, siginfo*, void*) ()
   from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/jre/lib/amd64/server/libjvm.so
#6  <signal handler called>
#7  0x0000000000000000 in tls1_process_sigalgs () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#8  0x0000000000000000 in tls1_set_server_sigalgs () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#9  0x0000000000000000 in tls_post_process_client_hello () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#10 0x0000000000000000 in state_machine () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#11 0x0000000000000000 in ssl3_read_bytes () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#12 0x0000000000000000 in ssl3_read_internal () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#13 0x0000000000000000 in ssl_read_internal () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#14 0x0000000000000000 in ssl_read () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libssl.so.1.1
#15 0x0000000000000000 in bio_read_intern () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libcrypto.so.1.1
#16 0x0000000000000000 in BIO_read () from /opt/Axway-7.7/apigateway/Linux.x86_64/bin/../../platform/lib/libcrypto.so.1.1
#17 0x0000000000000000 in Vordel::BIOConnection::read (this=0x000000000000, in=0x000000000000 "\020", maxlen=2048, timeout=60000) at connection.cpp:487
#18 0x0000000000000000 in Vordel::NetService::idleWaitData (this=<optimized out>, c=<optimized out>, buf=0x000000000000) at dwe.cpp:285
#19 0x0000000000000000 in Vordel::HTTPProtocol::handleConnection (this=0x0000000, service=0x000000, con=0x000000000000, auditSettings=0x0000000, id=0x0)
    at http.cpp:76
#20 0x0000000000000000 in Vordel::Interface::work (this=0x0000000) at interface.cpp:686
#21 0x0000000000000000 in Vordel::NetService::runDaemon (this=0x000000, curthread=<optimized out>) at dwe.cpp:889
#22 0x0000000000000000 in Vordel::DaemonThread::run (this=0x000000000000) at dwe.cpp:1145
#23 0x0000000000000000 in Vordel::Thread::entrypoint (this=0x000000000000) at thread.cpp:157
#24 0x0000000000000000 in Vordel::platformTrampoline (arg=<optimized out>) at thread.cpp:138
#25 0x0000000000000000 in start_thread () from /lib64/libpthread.so.0
#26 0x0000000000000000 in clone () from /lib64/libc.so.6


Resolution

This may be caused by exploiting CVE-2021-3449 to cause OpenSSL to crash. That CVE was corrected in OpenSSL 1.1.1k, which is available in 7.7 March 2021 or later releases. Anyone affected by this should upgrade their gateways to obtain a fixed version of OpenSSL.

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.