Package: unbound
Version: 1.13.1-1
Severity: normal
Our unbound crashed a twice over the weekend, until I shut it down and
replaced it with different software. Now that I'm back at work, I'm
looking at the logs and found these in the kernel logs:
Oct 24 04:59:27 resolver1 kernel: [3198942.847376] unbound[1211]:
segfault at 108 ip 00005623be4dcc39 sp 00007febe13c4c40 error 4 in
unbound[5623be419000+d6000]
Oct 24 04:59:27 resolver1 kernel: [3198942.847414] Code: 74 62 4c 89 ef
e8 97 4b f9 ff 48 89 c5 48 39 d8 74 52 48 85 c0 75 0f eb 4b 0f 1f 84 00
00 00 00 00 48 39 d8 74 3e 4c 8b 75 18 <49> 8b be 08 01 00 00 48 85 ff
74 1e e8 46 f1 f8 ff 85 c0 74 4a 49
Oct 24 07:50:14 resolver1 kernel: [ 8976.541688] unbound[1213]: segfault
at 108 ip 0000557cb0287c39 sp 00007fedf2aefc40 error 4 in
unbound[557cb01c4000+d6000]
Oct 24 07:50:14 resolver1 kernel: [ 8976.541756] Code: 74 62 4c 89 ef e8
97 4b f9 ff 48 89 c5 48 39 d8 74 52 48 85 c0 75 0f eb 4b 0f 1f 84 00 00
00 00 00 48 39 d8 74 3e 4c 8b 75 18 <49> 8b be 08 01 00 00 48 85 ff 74
1e e8 46 f1 f8 ff 85 c0 74 4a 49
Oct 24 08:07:33 resolver1 kernel: [10015.526326] audit: type=1400
audit(1635062853.732:8): apparmor="DENIED" operation="capable"
profile="/usr/sbin/unbound" pid=1527 comm="unbound" capability=1
capname="dac_override"
I upgraded all installed packages after the first crash and rebooted to
the newest kernel. The capability error came after the second restart,
and I've never seen unbound do that before. I don't really remember the
last time unbound crashed before either.
I'm afraid this might not be much help, but since it smells a little of
some security issue, I thought I should still report it.
Best Regards,
--
Aleksi Suhonen
() ascii ribbon campaign
/\ support plain text e-mail
