Package: chkrootkit Version: 0.55-1+b1 Severity: important Dear Maintainer, Since upgrade to bullseye I'm seeing chkrootkit warnings of the form:
OooPS, not expected 210672 value I think the problem here is the new larger PIDs on newer kernels. I think the problem here is something involving the MAX_PROCESSES calc in chkproc.c TO reproduce: Let the host run for a while so you're getting larger PIDs, then cd /usr/lib/chkrootkit ./chkproc OooPS, not expected 210672 value and that's the first PID in my system's ps output that's large. I tried upgrading to testing's: ii chkrootkit 0.55-1+b1 amd64 rootkit detector and it still happens for me. I checked it really is the 64bit build: dg@mx:/usr/lib/chkrootkit$ file /usr/lib/chkrootkit/chkproc /usr/lib/chkrootkit/chkproc: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=66d59d153338e672554b5b6fee85d5696d2cb968, for GNU/Linux 3.2.0, stripped Dave -- System Information: Debian Release: 11.1 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-9-amd64 (SMP w/1 CPU thread) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages chkrootkit depends on: ii binutils 2.35.2-2 ii debconf [debconf-2.0] 1.5.77 ii libc6 2.31-13+deb11u2 ii net-tools 1.60+git20181103.0eebece-1 ii openssh-client 1:8.4p1-5 ii procps 2:3.3.17-5 chkrootkit recommends no packages. chkrootkit suggests no packages. -- debconf information: * chkrootkit/run_daily_opts: -q -n * chkrootkit/run_daily: true * chkrootkit/diff_mode: false
