SS crashes in OpenSSL code EVP_MD_CTX_reset due to security scan
search cancel

SS crashes in OpenSSL code EVP_MD_CTX_reset due to security scan


Article ID: 219345


Updated On:


CA Spectrum


After enabling security scanning, there were multiple SpectroSERVERs that crashed with the following stack:

(gdb) where

#0  0x00007f67921b1b01 in EVP_MD_CTX_reset () from /opt/SPECTRUM/lib/

#1  0x00007f67921b2231 in EVP_MD_CTX_copy () from /opt/SPECTRUM/lib/

#2  0x00007f622f9ecd4d in tls1_mac () from /opt/SPECTRUM/lib/

#3  0x00007f622f9e07e2 in ssl3_read_bytes () from /opt/SPECTRUM/lib/

#4  0x00007f622f9e1a91 in ssl3_get_message () from /opt/SPECTRUM/lib/

#5  0x00007f622f9e1dfd in ssl3_get_finished () from /opt/SPECTRUM/lib/

#6  0x00007f622f9d50b1 in ssl3_accept () from /opt/SPECTRUM/lib/

#7  0x00007f622f911402 in mFt_Cryptlib_SSL_accept () from /opt/SPECTRUM/lib/

#8  0x00007f622f90721c in vbsec::VBSSLEngine::handshake() () from /opt/SPECTRUM/lib/

#9  0x00007f622f7e4ebc in vbsec::SSLConnection::doHandshake() () from /opt/SPECTRUM/lib/

#10 0x00007f622f7c4115 in vbsec::CSIV2Listener::accept(unsigned long long) () from /opt/SPECTRUM/lib/

#11 0x00007f678f715fd4 in VISSocketMTSCM::begin() () from /opt/SPECTRUM/lib/

#12 0x00007f678f0edf13 in VISThread::_start(void*) () from /opt/SPECTRUM/lib/

#13 0x00007f678e285ea5 in start_thread () from /lib64/

#14 0x00007f678dfae9fd in clone () from /lib64/



Release : 21.2

Component : Spectrum Core / SpectroSERVER


Security Scanning causes a code issue with OpenSSL.


This is resolved in NetOps (Spectrum) release 21.2.1 and above as the version of Visibroker being used by Spectrum has been updated.