[Bug 1836329] Re: Regression running ssllabs.com/ssltest causes 2 apache process to eat up 100% cpu, easy DoS
Andreas Hasenack
andreas at canonical.com
Wed Jul 17 19:17:32 UTC 2019
Cosmic verification
First, reproducing the bug with:
*** 2.4.34-1ubuntu2.2 500
500 http://us.archive.ubuntu.com/ubuntu cosmic-updates/main amd64 Packages
Then I enabled the required modules, restarted apache, kept monitoring cpu usage per process using top, and asked ssllabs for the test run
After the test finished, I still had apache processes using as much cpu as they could:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
4709 www-data 20 0 759644 7616 5292 S 48.5 0.8 1:46.23 apache2
4710 www-data 20 0 759448 5068 2988 S 48.5 0.5 1:55.00 apache2
Installing the packages from proposed now:
*** 2.4.34-1ubuntu2.3 500
500 http://us.archive.ubuntu.com/ubuntu cosmic-proposed/main amd64 Packages
100 /var/lib/dpkg/status
2.4.34-1ubuntu2.2 500
500 http://us.archive.ubuntu.com/ubuntu cosmic-updates/main amd64 Packages
Hitting "clear cache" in the ssl labs report page triggers a re-run.
Test finished, and no sign of apache processes near the top:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
4818 root 20 0 13808 4016 2848 S 1.0 0.4 0:05.14 tmux -u -2 -f /usr/share/byobu/profiles/tmuxrc new-session -n - /usr/bin/byobu-shell
1 root 20 0 123356 9388 6752 S 0.0 0.9 0:06.27 /sbin/init
Cosmic verification succeeded.
** Tags removed: verification-needed-cosmic
** Tags added: verification-done-cosmic
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1836329
Title:
Regression running ssllabs.com/ssltest causes 2 apache process to eat
up 100% cpu, easy DoS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1836329/+subscriptions
More information about the Ubuntu-server-bugs
mailing list