[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
** Changed in: linux-meta-hwe-edge (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
I retried this morning, and problem solved! Thanks ** Changed in: linux-azure (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
Issue went away after I upgraded. 4.13.0-32-generic #35~16.04.1-Ubuntu SMP Thu Jan 25 10:13:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [External] [Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
Thanks for the update, I will try it on next Monday. Envoyé de mon iPhone > Le 26 janv. 2018 à 17:02, Joshua R. Poulsona écrit : > > A new round of kernels was released last night, including Linux- > azure-4.13.0-1007... are you still seeing this trace? > > -- > You received this bug notification because you are subscribed to the bug > report. > https://urldefense.proofpoint.com/v2/url?u=https-3A__bugs.launchpad.net_bugs_1745169=DwIFaQ=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU=z5XGstltxu4cfsKdlKwB7UfMhixnkYaDErhbw48DYF8=F0JqNyJ_FUcXTRZn6vZl3whHJGoJdnyD07nC65IlkGI=lFf-ooj63oLgALjU1iqZ0HKBPEVfO4HM_dPlbd9F9Zo= > > Title: > Kernel tried to execute NX-protected page - exploit attempt? > > Status in linux-azure package in Ubuntu: > Confirmed > Status in linux-meta-hwe-edge package in Ubuntu: > New > > Bug description: > Hi, > > This morning I had an issue in the install of elasticsearch-2.4.6, and > when I have a look in journalctl, I have this BUG: unable to handle > kernel paging request at 7f7d7d67e7a0 > > My configuration: > elasticsearch@es-usb:~$ uname -r > 4.13.0-1006-azure > > When I do the downgrade on the 4.11.0-1016-azure kernel version, > everything is working well. > > More information of my journalctl: > Jan 24 12:12:53 es-usb systemd[1]: Starting Elasticsearch... > Jan 24 12:12:53 es-usb systemd[1]: Started Elasticsearch. > Jan 24 12:12:53 es-usb sudo[18774]: pam_unix(sudo:session): session closed > for user root > Jan 24 12:12:55 es-usb kernel: kernel tried to execute NX-protected page - > exploit attempt? (uid: 1000) > Jan 24 12:12:55 es-usb kernel: BUG: unable to handle kernel paging request > at 7f7d7d67e7a0 > Jan 24 12:12:55 es-usb kernel: IP: 0x7f7d7d67e7a0 > Jan 24 12:12:55 es-usb kernel: PGD 8001b6e97067 > Jan 24 12:12:55 es-usb kernel: P4D 8001b6e97067 > Jan 24 12:12:55 es-usb kernel: PUD 1b55fd067 > Jan 24 12:12:55 es-usb kernel: PMD 1b55fc067 > Jan 24 12:12:55 es-usb kernel: PTE 8001aa5ac867 > Jan 24 12:12:55 es-usb kernel: > Jan 24 12:12:55 es-usb kernel: Oops: 0011 [#7] SMP PTI > Jan 24 12:12:55 es-usb kernel: Modules linked in: xt_nat xt_tcpudp veth > ipt_MASQUERADE nf_nat_masquerade_ipv4 nf_conntrack_netlink nfnetlink > xfrm_user xfrm_algo iptable_nat nf_nat_ipv4 xt_addrtype nf_nat br_netfilter > bridge stp llc overlay xt_multiport iptable_filter nf_conntrack_ipv4 n > Jan 24 12:12:55 es-usb kernel: hyperv_keyboard hid cfbimgblt cfbcopyarea > hv_utils ptp pps_core hv_netvsc > Jan 24 12:12:55 es-usb kernel: CPU: 0 PID: 18809 Comm: java Tainted: G > D 4.13.0-1006-azure #8-Ubuntu > Jan 24 12:12:55 es-usb kernel: Hardware name: Microsoft Corporation Virtual > Machine/Virtual Machine, BIOS 090007 06/02/2017 > Jan 24 12:12:55 es-usb kernel: task: 9c04b5e42e80 task.stack: > b490c5aa > Jan 24 12:12:55 es-usb kernel: RIP: 0010:0x7f7d7d67e7a0 > Jan 24 12:12:55 es-usb kernel: RSP: 0018:b490c5aa3f50 EFLAGS: 00010202 > Jan 24 12:12:55 es-usb kernel: RAX: 03e7 RBX: > RCX: 7f7d7cf914d9 > Jan 24 12:12:55 es-usb kernel: RDX: 7f7d7d67ef50 RSI: 7f7d7d67f030 > RDI: > Jan 24 12:12:55 es-usb kernel: RBP: R08: > R09: 000c > Jan 24 12:12:55 es-usb kernel: R10: 7f7d7d67e7a0 R11: 9c04b5e42e80 > R12: > Jan 24 12:12:55 es-usb kernel: R13: R14: > R15: > Jan 24 12:12:55 es-usb kernel: FS: 7f7d7d680700() > GS:9c04b9e0() knlGS: > Jan 24 12:12:55 es-usb kernel: CS: 0010 DS: ES: CR0: > 80050033 > Jan 24 12:12:55 es-usb kernel: CR2: 7f7d7d67e7a0 CR3: 0001a33b8000 > CR4: 001406f0 > Jan 24 12:12:55 es-usb kernel: Call Trace: > Jan 24 12:12:55 es-usb kernel: ? entry_SYSCALL_64_fastpath+0x33/0xa3 > Jan 24 12:12:55 es-usb kernel: Code: Bad RIP value. > Jan 24 12:12:55 es-usb kernel: RIP: 0x7f7d7d67e7a0 RSP: b490c5aa3f50 > Jan 24 12:12:55 es-usb kernel: CR2: 7f7d7d67e7a0 > Jan 24 12:12:55 es-usb kernel: ---[ end trace 3100a53c6de7c0c4 ]--- > > Thanks for your help > > Damien > > To manage notifications about this bug go to: > https://urldefense.proofpoint.com/v2/url?u=https-3A__bugs.launchpad.net_ubuntu_-2Bsource_linux-2Dazure_-2Bbug_1745169_-2Bsubscriptions=DwIFaQ=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU=z5XGstltxu4cfsKdlKwB7UfMhixnkYaDErhbw48DYF8=F0JqNyJ_FUcXTRZn6vZl3whHJGoJdnyD07nC65IlkGI=Dfglu8DyAAB981lxLWbAgJD8wnGaDgG5E3nqOQU2EaY= This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
A new round of kernels was released last night, including Linux- azure-4.13.0-1007... are you still seeing this trace? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
** Also affects: linux-meta-hwe-edge (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
Is this a 100% repro? If yes, can you check if adding the "nopti" kernel parameter can fix the issue? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
In addition to the other fun with 4.13, it also includes the Meltdown changes in 4.13.0-1004, and Spectre changes in 4.13.0-1006. Have you tried other kernels in the 4.13 line? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1745169] Re: Kernel tried to execute NX-protected page - exploit attempt?
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-azure (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745169 Title: Kernel tried to execute NX-protected page - exploit attempt? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1745169/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs