[LUGOS-SEC] Re: [LUGOS-BLA] neki se je xfrkal

Joze Klepec joze.klepec at siol.net
Thu Nov 30 12:35:43 CET 2006 

popravek:

Kaj to je, presodite sami. mogoče sem zagnal paniko, morda pa imam  
prav. Kernel  je 2.6.18-1.2200.fc5 Oct14 16:59:26 EDT 2006 i686 (ja še 
vedno - informacije KinfoCenter - Zvok),
-------listing-start---------
Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: Eeek! page_mapcount(page) went negative! (-1)

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:   page->flags = 400

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:   page->count = 1

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:   page->mapping = 00000000

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:   vma->vm_ops->nopage = filemap_nopage+0x0/0x2f6

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: ------------[ cut here ]------------

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: kernel BUG at mm/rmap.c:587!

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: invalid opcode: 0000 [#1]

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: CPU:    0

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: EIP is at page_remove_rmap+0x8a/0xc2

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: eax: 00000034   ebx: c100c160   ecx: ffffffff   edx: 
da75e000

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: esi: c2aa3278   edi: c7a51000   ebp: 00000000   esp: 
da75ed10

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: ds: 007b   es: 007b   ss: 0068

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: Process pppd (pid: 4497, ti=da75e000 task=cb5f94d0 
task.ti=da75e000)

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: Stack: c061f202 00000000 c100c160 00400000 c0450315 
00000000 c2aa3278 da75ed88

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:        003d3ed2 00000000 00000001 00402000 d93a6004 
de157b40 c07682fc 00000000

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:        ffffffff de157b94 d93a6004 00402000 00000000 
da75ed88 c9622a04 de157b40

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel: Call Trace:

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c0450315>] unmap_vmas+0x289/0x494

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c0452b09>] exit_mmap+0x5f/0xd5

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c0419f71>] mmput+0x33/0x78

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c0469deb>] flush_old_exec+0x563/0x7a0

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c0486bcd>] load_elf_binary+0x47a/0x1591

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c046919e>] search_binary_handler+0x94/0x22f

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c048606f>] load_script+0x1a3/0x1b8

Message from syslogd at localhost at Thu Nov 30 12:18:12 2006 ...
localhost kernel:  [<c046919e>] search_binary_handler+0x94/0x22f

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel:  [<c046a8e8>] do_execve+0x14b/0x1e5

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel:  [<c040119b>] sys_execve+0x2f/0x4e

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel:  [<c0402d9b>] syscall_call+0x7/0xb

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel: DWARF2 unwinder stuck at syscall_call+0x7/0xb

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel: Leftover inexact backtrace:

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel:  =======================

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel: Code: 7b 6e fc ff 8b 43 10 c7 04 24 02 f2 61 c0 89 44 
24 04 e8 68 6e fc ff 8b 46 40 85 c0 74 0d 8b 50 08 b8 1b f2 61 c0 e8 33 
fd fd ff <0f> 0b 4b 02 97 f1 61 c0 8b 4b 10 8b 13 83 f1 01 83 e1 01 c1 ea

Message from syslogd at localhost at Thu Nov 30 12:18:13 2006 ...
localhost kernel: EIP: [<c0455955>] page_remove_rmap+0x8a/0xc2 SS:ESP 
0068:da75ed10
--------listing-end--------
Joze Klepec je napisal(a):
> Ja, Miha. Tole je direkten napad na kernel!
>
> Žal mi ni uspelo shraniti listinga, poteka pa tako, da:
...
> Pri meni se je sicer kernel avtomagic(no postavil nazaj ne da bi se 
> karkoli hujšega zgodilo (kar sem sicer na svojem sistemu opazoval 
> prvic(), grem pa v zagon preverjenja sistema, c(e ni kaj sumljivega.
>
> LP, Jože
>
>
> Miha Tomšic( je napisal(a):
>> Hojla!
>>
>> http://www.xfree86.org/current/intrinsics.html
>>
>> Res WOW!
>>
>> M.
>> _______________________________________________
>> lugos-bla mailing list
>> lugos-bla at lugos.si
>> http://liste2.lugos.si/cgi-bin/mailman/listinfo/lugos-bla
>>
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: joze.klepec.vcf
Type: text/x-vcard
Size: 187 bytes
Desc: not available
Url : http://liste2.lugos.si/pipermail/lugos-sec/attachments/20061130/a00a691b/joze.klepec.vcf

More information about the lugos-sec mailing list