Hi Aurelien,
It's a VM running in qemu on an amd64 Debian bullseye system, no KVM acceleration to be found here.
dmesg doesn't have any backtraces - the two messages that show up are py3compile segfaulting with all the addresses printed as xxxxxxxx instead, and a couple of programs (like mandb) reporting getting a pointer of 0xfffffffffffffff1 or similar and dying in a fire.
The first ones after the upgrade:
Jan 6 01:30:39 encrepro kernel: [ 6715.078626] mandb[1903]: User access of kernel address (ffffffffffff8408) - exploit attempt? (uid: 6)
Jan 6 01:30:39 encrepro kernel: [ 6715.093977] mandb[1903]: segfault (11) at ffffffffffff8408 nip 7fffb37f5f28 lr 7fffb37f5f08 code 1 in libseccomp.so.2.5.3[7fffb37f0000+30000]
Jan 6 01:30:39 encrepro kernel: [ 6715.100149] mandb[1903]: code: fbe10078 38800000 7c7f1b78 4bffddfd e8410028 2c030000 41800030 ebe10078
Jan 6 01:30:39 encrepro kernel: [ 6715.100308] mandb[1903]: code: 38600000 38210080 60000000 e8010010 <906283f8> 7c6307b4 7c0803a6 4e800020
Jan 6 01:31:31 encrepro kernel: [ 6767.287646] reportbug[1982]: segfault (11) at 34c8 nip 34c8 lr 34c8 code 1 in python3.9[10000000+5d0000]
Jan 6 01:31:31 encrepro kernel: [ 6767.293334] reportbug[1982]: code: XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
Jan 6 01:31:31 encrepro kernel: [ 6767.293545] reportbug[1982]: code: XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
And later:
Jan 6 01:35:30 encrepro systemd[2290]: free(): invalid pointer
and
Jan 6 01:42:53 encrepro systemd[1]: Created slice User Slice of UID 1000.
Jan 6 01:42:53 encrepro systemd[1]: Starting User Runtime Directory /run/user/1000...
Jan 6 01:42:53 encrepro systemd[1]: Finished User Runtime Directory /run/user/1000.
Jan 6 01:42:53 encrepro systemd[1]: Starting User Manager for UID 1000...
Jan 6 01:42:53 encrepro systemd[2370]: free(): invalid pointer
Jan 6 01:42:54 encrepro systemd[1]: user@1000.service: Main process exited, code=killed, status=6/ABRT
Jan 6 01:42:54 encrepro systemd[1]: user@1000.service: Failed with result 'signal'.
Jan 6 01:42:54 encrepro systemd[1]: Failed to start User Manager for UID 1000.
I've got a core dump from mandb:
I don't have a stacktrace from it, though, since I didn't already have gdb on the VM, and it wants to upgrade libc to install. (I know I could go find an appropriately old section of
snapshots.debian.org, but haven't done that yet...)
- Rich