Bug 63471 - gethostbyname causes kernel NULL pointer
gethostbyname causes kernel NULL pointer
Status: CLOSED WORKSFORME
Product: Red Hat Linux
Classification: Retired
Component: kernel (Show other bugs)
7.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
:
Depends On:
Blocks: 63987
  Show dependency treegraph
 
Reported: 2002-04-14 08:14 EDT by Need Real Name
Modified: 2007-04-18 12:41 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-06-08 12:44:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2002-04-14 08:14:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt)

Description of problem:
Cught this error in my syslog file. System did not crash.
Not clear how this problem happened.
Syslog reported:
Apr 14 06:05:05 mibcentral rpc.statd[673]: gethostbyname error for 
^XC7C?B?^XC7C?B?^YC7C?B?^YC7C?B?^ZC7C?B?^ZC7C?B?^[C7C?B?^[C7C?B?%8x%8x%8x%8x%8x%
8x%8x%8x%
Apr 14 06:35:00 mibcentral kernel: Unable to handle kernel NULL pointer 
dereference at virtual address 00000020
Apr 14 06:35:00 mibcentral kernel:  printing eip:
Apr 14 06:35:00 mibcentral kernel: c01379c7
Apr 14 06:35:00 mibcentral kernel: *pde = 00000000
Apr 14 06:35:00 mibcentral kernel: Oops: 0002
Apr 14 06:35:00 mibcentral kernel: CPU:    0
Apr 14 06:35:00 mibcentral kernel: EIP:    0010:
[__remove_from_lru_list+23/112]    Not tainted
Apr 14 06:35:00 mibcentral kernel: EIP:    0010:[<c01379c7>]    Not tainted
Apr 14 06:35:00 mibcentral kernel: EFLAGS: 00010202
Apr 14 06:35:00 mibcentral kernel: EIP is at __remove_from_lru_list [kernel] 
0x17
Apr 14 06:35:00 mibcentral kernel: eax: 00000004   ebx: d09dbf20   ecx: 
d09dbf80   edx: 00000000
Apr 14 06:35:00 mibcentral kernel: esi: d09dbf80   edi: cfb3d0c0   ebp: 
00000000   esp: dfeddf5c
Apr 14 06:35:00 mibcentral kernel: ds: 0018   es: 0018   ss: 0018
Apr 14 06:35:00 mibcentral kernel: Process kswapd (pid: 5, stackpage=dfedd000)
Apr 14 06:35:00 mibcentral kernel: Stack: c0137aad d09dbf80 00000000 c013a620 
d09dbf80 00000001 c1c0e800 c1467f6c
Apr 14 06:35:00 mibcentral kernel:        00000080 c0138b3a 00000000 c1467f6c 
00000000 00000007 c012eba4 c1467f6c
Apr 14 06:35:00 mibcentral kernel:        00000080 00000000 00000000 00002bc5 
00007227 00000000 00000000 000000c0
Apr 14 06:35:00 mibcentral kernel: Call Trace: [__remove_from_queues+45/48] 
__remove_from_queues [kernel] 0x2d
Apr 14 06:35:00 mibcentral kernel: Call Trace: [<c0137aad>] 
__remove_from_queues [kernel] 0x2d
Apr 14 06:35:00 mibcentral kernel: [try_to_free_buffers+112/272] 
try_to_free_buffers [kernel] 0x70
Apr 14 06:35:00 mibcentral kernel: [<c013a620>] try_to_free_buffers [kernel] 
0x70
Apr 14 06:35:00 mibcentral kernel: [try_to_release_page+58/96] 
try_to_release_page [kernel] 0x3a
Apr 14 06:35:00 mibcentral kernel: [<c0138b3a>] try_to_release_page [kernel] 
0x3a
Apr 14 06:35:00 mibcentral kernel: [page_launder+1108/2368] page_launder 
[kernel] 0x454
Apr 14 06:35:00 mibcentral kernel: [<c012eba4>] page_launder [kernel] 0x454
Apr 14 06:35:00 mibcentral kernel: [do_try_to_free_pages+17/80] 
do_try_to_free_pages [kernel] 0x11
Apr 14 06:35:00 mibcentral kernel: [<c012f411>] do_try_to_free_pages [kernel] 
0x11
Apr 14 06:35:00 mibcentral kernel: [kswapd+85/240] kswapd [kernel] 0x55
Apr 14 06:35:00 mibcentral kernel: [<c012f4a5>] kswapd [kernel] 0x55
Apr 14 06:35:00 mibcentral kernel: [rest_init+0/48] stext [kernel] 0x0
Apr 14 06:35:00 mibcentral kernel: [<c0105000>] stext [kernel] 0x0
Apr 14 06:35:00 mibcentral kernel: [kernel_thread+38/48] kernel_thread [kernel] 
0x26
Apr 14 06:35:00 mibcentral kernel: [<c0105726>] kernel_thread [kernel] 0x26
Apr 14 06:35:00 mibcentral kernel: [kswapd+0/240] kswapd [kernel] 0x0
Apr 14 06:35:00 mibcentral kernel: [<c012f450>] kswapd [kernel] 0x0
Apr 14 06:35:00 mibcentral kernel:
Apr 14 06:35:00 mibcentral kernel:
Apr 14 06:35:00 mibcentral kernel: Code: 89 42 20 8b 41 20 8b 51 24 89 50 24 8b 
44 24 08 8d 14 85 00

Version-Release number of selected component (if applicable):


How reproducible:
Didn't try


Additional info:
Comment 1 Arjan van de Ven 2002-04-14 08:17:04 EDT
 Apr 14 06:05:05 mibcentral rpc.statd[673]: gethostbyname error for 

^XC7C?B?^XC7C?B?^YC7C?B?^YC7C?B?^ZC7C?B?^ZC7C?B?^[C7C?B?^[C7C?B?%8x%8x%8x%8x%8x%
 8x%8x%8x%

is someone trying to hack your system.

Which exact kernel version is this ?
Comment 2 Need Real Name 2002-04-14 15:09:24 EDT
Yes, it looks like it might be a hack attack. Regardless, it looks like the 
kernel gets hit since it logs this error, and I am not sure what the side-
effects might be.
The kernel version is 2.4.9-21.
Comment 3 Need Real Name 2002-04-23 04:43:18 EDT
Is there a fix to avoid the kernel NULL pointer from happening?
Comment 4 Arjan van de Ven 2002-04-23 04:51:00 EDT
Not sure what causes this; you could try upgrading to 2.4.9-31 (there's some
cornercase bugs fixed); however if some hack attack succeeded it could be that
the attackers installed a kernel module; some automated attacks do this ;(
Comment 5 Alan Cox 2003-06-08 12:44:54 EDT
Idle for over a year, many errata released closing..

Note You need to log in before you can comment on or make changes to this bug.