Nov 18 09:15:01 gdOv kernel: [ 803.770473] grsec: chdir to /var/lib/lurker/www by /usr/bin/lurker-prune[lurker-prune:4447] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:4446] uid/euid:33/33 gid/egid:33/33 Nov 18 09:30:01 gdOv kernel: [ 1703.747052] grsec: chdir to /var/www by /usr/sbin/cron[cron:4452] uid/euid:33/33 gid/egid:33/33, parent /usr/sbin/cron[cron:4451] uid/euid:0/0 gid/egid:0/0 Nov 18 09:30:01 gdOv kernel: [ 1703.747226] grsec: exec of /bin/dash (/bin/sh -c if test -f /var/lib/lurker/db; then /usr/bin/lurker-prune; fi ) by /bin/dash[cron:4452] uid/euid:33/33 gid/egid:33/33, parent /usr/sbin/cron[cron:4451] uid/euid:0/0 gid/egid:0/0 Nov 18 09:30:01 gdOv kernel: [ 1703.749407] grsec: exec of /usr/bin/lurker-prune (/usr/bin/lurker-prune ) by /usr/bin/lurker-prune[sh:4453] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33 Nov 18 09:30:01 gdOv kernel: [ 1703.754999] grsec: chdir to /var/lib/lurker by /usr/bin/lurker-prune[lurker-prune:4453] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33 Nov 18 09:30:01 gdOv kernel: [ 1703.755023] grsec: chdir to /var/www by /usr/bin/lurker-prune[lurker-prune:4453] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33 Nov 18 09:30:01 gdOv kernel: [ 1703.755206] grsec: chdir to /var/lib/lurker/www by /usr/bin/lurker-prune[lurker-prune:4453] uid/euid:33/33 gid/egid:33/33, parent /bin/dash[sh:4452] uid/euid:33/33 gid/egid:33/33 Nov 18 09:31:09 gdOv kernel: [ 1771.675752] grsec: exec of /usr/bin/mplayer (mplayer -use-filedir-conf HTV1_H1118_0907.m2t ) by /usr/bin/mplayer[bash:4454] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4159] uid/euid:1000/1000 gid/egid:1000/1000 Nov 18 09:31:09 gdOv kernel: [ 1771.932174] grsec: denied resource overstep by requesting 135168 for RLIMIT_MEMLOCK against limit 65536 for /usr/bin/mplayer[mplayer:4454] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:4159] uid/euid:1000/1000 gid/egid:1000/1000 Nov 18 09:33:36 gdOv kernel: [ 1918.420433] general protection fault: 0000 [#1] SMP Nov 18 09:33:36 gdOv kernel: [ 1918.421791] Modules linked in: nf_log_ipv4 nf_log_common xt_LOG xt_tcpudp xt_conntrack iptable_filter iptable_mangle iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_raw ip_tables x_tables cx22702 isl6421 cx24123 cx88_dvb cx88_vp3054_i2c videobuf2_dvb dvb_core wm8775 ir_lirc_codec ir_rc5_decoder lirc_dev rc_hauppauge tuner_simple tuner_types tda9887 tda8290 tuner snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel edac_mce_amd snd_hda_codec edac_core snd_hda_core amdkfd cx8802 radeon cx8800 cx88_alsa mxm_wmi snd_hwdep snd_pcm cx88xx snd_timer ttm drm_kms_helper drm tveeprom fb_sys_fops k10temp videobuf2_dma_sg syscopyarea videobuf2_memops v4l2_common sysfillrect kvm_amd kvm irqbypass snd evdev serio_raw videobuf2_v4l2 pcspkr videobuf2_core sysimgblt soundcore Nov 18 09:33:36 gdOv kernel: [ 1918.428454] videodev media i2c_algo_bit nuvoton_cir sp5100_tco sg wmi shpchp rc_core button acpi_cpufreq ext4 crc16 jbd2 fscrypto mbcache xts gf128mul algif_skcipher af_alg dm_crypt dm_mod sr_mod cdrom sd_mod ata_generic uas usb_storage ohci_pci psmouse r8169 mii firewire_ohci ahci firewire_core crc_itu_t libahci sky2 pata_atiixp libata xhci_pci ehci_pci ohci_hcd xhci_hcd ehci_hcd i2c_piix4 scsi_mod usbcore fjes Nov 18 09:33:36 gdOv kernel: [ 1918.436249] CPU: 3 PID: 4097 Comm: Xorg Not tainted 4.9.62-unofficial+grsec171117-23 #1 Nov 18 09:33:36 gdOv kernel: [ 1918.438360] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./970 Extreme4, BIOS P2.60 11/11/2013 Nov 18 09:33:36 gdOv kernel: [ 1918.440532] task: ffff88031b860680 task.stack: ffffc9000a164000 Nov 18 09:33:36 gdOv kernel: [ 1918.442702] RIP: 0010:[] [] vma_wants_writenotify+0x94/0xc0 Nov 18 09:33:36 gdOv kernel: [ 1918.444968] RSP: 0018:ffffc9000a167cf0 EFLAGS: 00010287 Nov 18 09:33:36 gdOv kernel: [ 1918.447247] RAX: ff8803194de000ff RBX: 8000000000000027 RCX: 4000000000000000 Nov 18 09:33:36 gdOv kernel: [ 1918.449569] RDX: 0000000000000020 RSI: 2000000000000000 RDI: ffff880322c9bfff Nov 18 09:33:36 gdOv kernel: [ 1918.451887] RBP: ffff88031c743900 R08: ffff88031c743900 R09: 00000000140440bb Nov 18 09:33:36 gdOv kernel: [ 1918.454263] R10: 8000000000000027 R11: ffff88031cd7a620 R12: 00003ffffffff278 Nov 18 09:33:36 gdOv kernel: [ 1918.456665] R13: 00000000140440bb R14: 0000000000000001 R15: 000003e3dc42b000 Nov 18 09:33:36 gdOv kernel: [ 1918.459090] FS: 000003e3dc412a40(0000) GS:ffff88032fd80000(0000) knlGS:0000000000000000 Nov 18 09:33:36 gdOv kernel: [ 1918.461557] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Nov 18 09:33:36 gdOv kernel: [ 1918.464046] CR2: 000003e3dc424800 CR3: 00000000017e9000 CR4: 00000000000006f0 Nov 18 09:33:36 gdOv kernel: [ 1918.466518] Stack: Nov 18 09:33:36 gdOv kernel: [ 1918.468906] ffffffff8115a594 00000000140440bb 000003e3dc42b000 ffff880320dd66c0 Nov 18 09:33:36 gdOv kernel: [ 1918.471257] ffff88031ab11980 ffffffff8115c27f ffff880320efb100 0000000000101332 Nov 18 09:33:36 gdOv kernel: [ 1918.473583] 0000000000000000 ffff88031c743900 00000000140440bb ffff88031c743900 Nov 18 09:33:36 gdOv kernel: [ 1918.475855] Call Trace: Nov 18 09:33:36 gdOv kernel: [ 1918.478045] [] ? vma_set_page_prot+0x34/0x60 Nov 18 09:33:36 gdOv kernel: [ 1918.480243] [] ? mmap_region+0x2cf/0x6d0 Nov 18 09:33:36 gdOv kernel: [ 1918.482475] [] ? do_mmap+0x560/0x620 Nov 18 09:33:36 gdOv kernel: [ 1918.484713] [] ? vm_mmap_pgoff+0xb9/0x100 Nov 18 09:33:36 gdOv kernel: [ 1918.486940] [] ? sys_mmap_pgoff+0x1a9/0x270 Nov 18 09:33:36 gdOv kernel: [ 1918.489203] [] ? entry_SYSCALL_64_fastpath+0x17/0xa8 Nov 18 09:33:36 gdOv kernel: [ 1918.491480] Code: c0 74 a4 48 8b 80 f8 00 00 00 48 85 c0 74 98 48 8b 38 48 c7 c0 40 ca 44 82 48 85 ff 74 14 48 8b 47 28 48 3b 05 d6 bf 34 01 74 10 <48> 8b 80 d8 00 00 00 8b 40 18 f7 d0 83 e0 01 c3 e8 97 0d 08 00 Nov 18 09:33:36 gdOv kernel: [ 1918.496342] RIP [] vma_wants_writenotify+0x94/0xc0 Nov 18 09:33:36 gdOv kernel: [ 1918.498750] RSP Nov 18 09:33:36 gdOv kernel: [ 1918.511405] ---[ end trace 31e80f49fd8dc8c9 ]--- Nov 18 09:33:36 gdOv kernel: [ 1918.511414] grsec: banning user with uid 1000 until system restart for suspicious kernel crash Nov 18 09:33:36 gdOv kernel: [ 1918.587358] grsec: exec of /sbin/agetty (/sbin/getty 38400 tty6 ) by /sbin/agetty[init:4456] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.267711] grsec: exec of /bin/sed (sed /=/!d;s/^.*=// ) by /bin/sed[cryptdisks:1337] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1335] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.272191] grsec: exec of /usr/bin/tput (/usr/bin/tput hpa 60 ) by /usr/bin/tput[cryptdisks:1338] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.273371] grsec: exec of /usr/bin/tput (/usr/bin/tput setaf 1 ) by /usr/bin/tput[cryptdisks:1339] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.274459] grsec: exec of /usr/bin/tput (/usr/bin/tput setaf 1 ) by /usr/bin/tput[cryptdisks:1340] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.275617] grsec: exec of /usr/bin/tput (/usr/bin/tput setaf 2 ) by /usr/bin/tput[cryptdisks:1341] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.276744] grsec: exec of /usr/bin/tput (/usr/bin/tput setaf 3 ) by /usr/bin/tput[cryptdisks:1342] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0 gid/egid:0/0 Nov 18 09:37:02 gdOv kernel: [ 42.277856] grsec: exec of /usr/bin/tput (/usr/bin/tput op ) by /usr/bin/tput[cryptdisks:1343] uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/cryptdisks[cryptdisks:1278] uid/euid:0/0 gid/egid:0/0