I ran into the same problem. Same libc6 version, upgrading also fixed it for me. The only difference is that it was getting SIGSYS'd when the privilege separated child (and only the privilege separated child process) did connect() to /dev/log. This meant that unattended upgrades broke my system when it upgraded stable ssh-server to +deb10u2.
I would say it definitely is a fairly severe bug given that 1) running mixed-release debian installs is a thing that people do, 2) upgrade stable-to-stable openssh breaks systems that were previously running fine with testing libc6, and 3) it's openssh-server.
