Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 16 Nov 2020 21:25:10 +0100
From: Jacek <wampir990@...il.com>
To: lkrg-users@...ts.openwall.com
Subject: p_lkrg] <Exploit Detection> Trying to kill process[ThreadPoolSingl |
 2170]!

Hi

OS Gentoo:

Linux version 5.9.8-g1 (root@...ek) (gcc (Gentoo Hardened 9.3.0-r1 p3) 
9.3.0, GNU ld (Gentoo 2.34 p6) 2.34.0) #2 SMP PREEMPT Thu Nov 12 
07:29:29 CET 2020

LKRG:

filename:       /lib/modules/5.9.8-g1/extra/p_lkrg.ko
license:        GPL v2
description:    pi3's Linux kernel Runtime Guard
author:         Adam 'pi3' Zabrocki (http://pi3.com.pl)
srcversion:     40A527C8D5D5D19B610FE2F
depends:
retpoline:      Y
name:           p_lkrg
vermagic:       5.9.8-g1 SMP preempt mod_unload modversions 
RANDSTRUCT_PLUGIN_7c046b7d45f5b82e76f627aadaefa3bc69fdd9ae1cd91b61e72d98512ef164aa

Git log:

# root ~> git log |head -n 20
commit 4cfb2b3474b813b0f2c424bbbcd7c1c456fb8f6e
Author: disrupttheflow <68149206+disrupttheflow@...rs.noreply.github.com>
Date:   Mon Nov 16 12:28:23 2020 +0000

     Add correct repository to clone from in README (#25)

commit 645983fbf687c4bddb3c62c19a37d7db380bf927
Author: Mariusz Zaborski <oshogbo@...illium.org>
Date:   Fri Nov 6 19:29:40 2020 +0100

     ptrace: replace ptrace kprobes with security_ptrace_access_check

commit ca8237ed2251a6f4ae03fe8e549662465f26d347
Merge: 37d5520 5db3f98
Author: Adam 'pi3' Zabrocki <65244445+Adam-pi3@...rs.noreply.github.com>
Date:   Sat Nov 7 08:52:18 2020 -0800

     Merge pull request #23 from oshogbo/kill

     umh: Kill process using the proper SIGKILL signal.


Akreator (RSS client from KDE)

# user ~> akregator
[506:1:0100/000000.026569:ERROR:broker_posix.cc(43)] Invalid node 
channel message
Unicestwiony

LKRG error (from dmesg):

[  806.873553] [p_lkrg] <Exploit Detection> ON process[2170 | 
Chrome_IOThread] has corrupted 'off' flag!
[  806.873555] [p_lkrg] <Exploit Detection> Trying to kill 
process[ThreadPoolSingl | 2170]!

Cheers

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.