Package: unbound
Version: 1.13.1-1
Severity: normal

Our unbound crashed a twice over the weekend, until I shut it down and replaced it with different software. Now that I'm back at work, I'm looking at the logs and found these in the kernel logs:

Oct 24 04:59:27 resolver1 kernel: [3198942.847376] unbound[1211]: segfault at 108 ip 00005623be4dcc39 sp 00007febe13c4c40 error 4 in unbound[5623be419000+d6000] Oct 24 04:59:27 resolver1 kernel: [3198942.847414] Code: 74 62 4c 89 ef e8 97 4b f9 ff 48 89 c5 48 39 d8 74 52 48 85 c0 75 0f eb 4b 0f 1f 84 00 00 00 00 00 48 39 d8 74 3e 4c 8b 75 18 <49> 8b be 08 01 00 00 48 85 ff 74 1e e8 46 f1 f8 ff 85 c0 74 4a 49 Oct 24 07:50:14 resolver1 kernel: [ 8976.541688] unbound[1213]: segfault at 108 ip 0000557cb0287c39 sp 00007fedf2aefc40 error 4 in unbound[557cb01c4000+d6000] Oct 24 07:50:14 resolver1 kernel: [ 8976.541756] Code: 74 62 4c 89 ef e8 97 4b f9 ff 48 89 c5 48 39 d8 74 52 48 85 c0 75 0f eb 4b 0f 1f 84 00 00 00 00 00 48 39 d8 74 3e 4c 8b 75 18 <49> 8b be 08 01 00 00 48 85 ff 74 1e e8 46 f1 f8 ff 85 c0 74 4a 49 Oct 24 08:07:33 resolver1 kernel: [10015.526326] audit: type=1400 audit(1635062853.732:8): apparmor="DENIED" operation="capable" profile="/usr/sbin/unbound" pid=1527 comm="unbound" capability=1 capname="dac_override"

I upgraded all installed packages after the first crash and rebooted to the newest kernel. The capability error came after the second restart, and I've never seen unbound do that before. I don't really remember the last time unbound crashed before either.

I'm afraid this might not be much help, but since it smells a little of some security issue, I thought I should still report it.

Best Regards,

--
        Aleksi Suhonen

        () ascii ribbon campaign
        /\ support plain text e-mail

Reply via email to