Comment # 9 on bug 1180501 from
(In reply to Hans Petter Jansson from comment #3)
> Thanks for the core dump. This seems to be happening in a few locations, but
> I haven't been able to repro it here yet, not even with valgrind.
> 
> The dump makes it look like a sshcipher_ctx struct has been partially
> overwritten with garbage. In cipher_free() it crashes on this line:
> 
> > if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
> 
> ...because cc->cipher points to a bad location (but it's not NULL).
> 
> Questions:
> 
> 1) Do you know more precisely when this started happening? I'm suspecting
> patches added to openssh or openssl this autumn.

Sorry, no, but it has been for 3 or 4 or more months.

> 2) Could you run sshd like this (as root):
> 
> /usr/sbin/sshd -Dddd -p 2048
> 
> Then from a different shell session, connect to it like this:
> 
> ssh localhost -p 2048
> 
> ...and trigger the crash, then attach the sshd debug output here?

I will but I do not know what triggers the crash.  I will start the session you
describe and leave it open until I observe another crash, then report.
