Bug#929366: linux-image-4.19.0-5-octeon: usercopy: Kernel memory overwrite attempt detected (in systemd-timedated)

Julien Cristau jcristau at debian.org
Wed May 22 13:52:01 BST 2019


Source: linux
Version: 4.19.37-3
Severity: important
X-Debbugs-Cc: debian-admin at lists.debian.org, debian-mips at lists.debian.org, systemd at packages.debian.org
User: debian-admin at lists.debian.org
Usertags: needed-by-DSA-Team

Hi,

from mips-sil-01.debian.org's syslog:

May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 dbus-daemon[542]: [system] Activating via systemd: service name='org.freedesktop.timedate1' unit='dbus-org.freedesktop.timedate1.service' requested by ':1.12565' (uid=115 pid=561 comm="timedatectl show ")
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 systemd[1]: Starting Time & Date Service...
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: usercopy: Kernel memory overwrite attempt detected to SLUB object 'buffer_head' (offset 8, size 88)!
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Kernel bug detected[#1]:
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: CPU: 0 PID: 563 Comm: (imedated) Not tainted 4.19.0-5-octeon #1 Debian 4.19.37-3
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $ 0   : 0000000000000000 ffffffff82a78f48 0000000000000064 417135fb8ce5871c
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $ 4   : 417135fb8ce5871c 800000002406b678 8000000024074080 ffffffff835b0000
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $ 8   : 0000000000000100 800000020e9a4018 286f666673657420 ffffffff835b0000
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $12   : 0000000000000000 0000000005f5e100 ffffffff835b0000 ffffffff83590b58
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $16   : c000000002400038 0000000000000058 0000000000000000 c000000002400090
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $20   : ffffffff82a2f630 c000000002400000 0000000055d29698 c000000002400038
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $24   : ffffffffffffffff ffffffff82dcc9a0                                  
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $28   : 80000001f9094000 80000001f9097d30 0000000000000000 ffffffff82b71874
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Hi    : 00000000003e7cf8
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Lo    : 72b020c49bf017bb
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: epc   : ffffffff82b71874 usercopy_abort+0x94/0xa0
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: ra    : ffffffff82b71874 usercopy_abort+0x94/0xa0
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Status: 10109ce3   KX SX UX KERNEL EXL IE 
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Cause : 00800024 (ExcCode 09)
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: PrId  : 000d9602 (Cavium Octeon III)
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Modules linked in: mmc_block binfmt_misc ip6t_REJECT nf_reject_ipv6 nf_conntrack_ftp xt_CT nfnetlink_log nft_counter xt_hashlimit ipt_REJECT nf_reject_ipv4 xt_NFLOG xt_multiport xt_tcpudp xt_state xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c nft_compat nf_tables nfnetlink sg octeon_mmc mmc_core 8250_of leds_gpio i2c_dev octeon_rng rng_core ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb dm_mod ahci_platform libahci_platform libahci ahci_octeon
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Process (imedated) (pid: 563, threadinfo=0000000053386908, task=000000008966de24, tls=00000000771b84a0)
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Stack : 0000000000000058 00000000006080c0 0000000000000000 ffffffff82b50d60
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000077d57098 ffffffff82b716c4 80000000240bfb00 80000001f9097df8
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000000000058 0000000000000001 8000000187ea86d0 ffffffff82f1f7e4
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000000000000 ffffffff832b0000 8000000187ea86c0 0000000077d5a7c8
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000000000000 0000000077d30000 0000000077d57098 0000000000000000
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         000000007f99ca14 ffffffff82a30784 000000000ef08000 417135fb8ce5871c
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         000b000055d29698 000b000055de72f0 0000000055d29698 417135fb8ce5871c
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000055dea4c0 0000000055de72f0 0000000077d5a7c8 0000000077d5a73c
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000077d30000 0000000077d57098 0000000000000000 ffffffff82943b0c
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         0000000000000000 0000000000000001 0000000000000fa0 0000000000000001
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel:         ...
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Call Trace:
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: [<ffffffff82b71874>] usercopy_abort+0x94/0xa0
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: [<ffffffff82b50d60>] __check_heap_object+0x170/0x188
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: [<ffffffff82b716c4>] __check_object_size+0x11c/0x238
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: [<ffffffff82f1f7e4>] bpf_prog_create_from_user+0x94/0x1d8
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: [<ffffffff82a30784>] do_seccomp+0x2a4/0x7a0
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: [<ffffffff82943b0c>] syscall_common+0x18/0x3c
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Code: 00404025  0ca715c4  6484a3c0 <000c000d> 00000000  00000000  67bdfff0  ffbf0008  ffb00000 
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: 
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: ---[ end trace aad06c7e2b036639 ]---
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 systemd[1]: systemd-timedated.service: Main process exited, code=killed, status=11/SEGV
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 systemd[1]: systemd-timedated.service: Failed with result 'signal'.
May 22 11:57:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 systemd[1]: Failed to start Time & Date Service.
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 dbus-daemon[542]: [system] Activating via systemd: service name='org.freedesktop.timedate1' unit='dbus-org.freedesktop.timedate1.service' requested by ':1.12566' (uid=115 pid=1749 comm="timedatectl show ")
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: usercopy: Kernel memory overwrite attempt detected to SLUB object 'buffer_head' (offset 8, size 296)!
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Kernel bug detected[#2]:
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: CPU: 3 PID: 1 Comm: systemd Tainted: G      D           4.19.0-5-octeon #1 Debian 4.19.37-3
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $ 0   : 0000000000000000 ffffffff82a78f48 0000000000000065 417135fb8ce5871c
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $ 4   : 417135fb8ce5871c 80000000240b3678 80000000240bc080 ffffffff835b0000
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $ 8   : 0000000000000129 800000020e9a4018 286f666673657420 ffffffff835b0000
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $12   : 0000000000000000 0000000005f5e100 ffffffff835b0000 ffffffff83590b58
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $16   : c000000002402038 0000000000000128 0000000000000000 c000000002402160
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $20   : 0000000000000128 0000000055df5a50 c000000002402038 0000000055661000
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $24   : ffffffffffffffff ffffffff82dcc9a0                                  
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: $28   : 800000020fdb8000 800000020fdbbc30 0000000000000000 ffffffff82b71874
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Hi    : 0000000000ef31cb
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Lo    : 645a1cac094d320b
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: epc   : ffffffff82b71874 usercopy_abort+0x94/0xa0
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: ra    : ffffffff82b71874 usercopy_abort+0x94/0xa0
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Status: 10109ce3   KX SX UX KERNEL EXL IE 
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: Cause : 00800024 (ExcCode 09)
May 22 11:59:53 mips-sil-01/mips-sil-01/::ffff:86.59.118.146 kernel: PrId  : 000d9602 (Cavium Octeon III)

After that the machine seems to have rebooted.

Cheers,
Julien



More information about the Pkg-systemd-maintainers mailing list