Bug#1024186: linux: consider deprecating unprivileged_userns_clone
Package: linux Version: 6.0.8-1 Severity: wishlist In #898446 the decision was made to enable unprivileged_userns_clone by default and this shipped in bullseye. In the course of discussion bwh suggested: So I think we should do something like this: * Document user.max_user_namespaces in procps's shipped /etc/sysctl.conf * Set kernel.unprivileged_userns_clone to 1 by default, and deprecate it (log a warning if it's changed) * Document the change in bullseye release notes The default did get changed, but the other things haven't been done yet. FYI: I do not know the current state of the upstream patch but I do still see it in debian/patches/debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch Assuming Debian will not keep it, I propose: * bookworm should warn users still setting it that's it deprecated * bookworm should still properly disable it for users setting it to 0 * bookworm release notes should document it going away and the alternative * bookworm procps should include an example in the default sysctl.conf and ps(1) proc(5) manpages * trixie should remove it and release notes document * it might also be useful to document in the above which common cases require that unpriv userns is enabled, maybe to avoid some footguns How does that sound? As a side note: * desktop machines seem pretty dependent on unpriv userns by now so the default should remain enabled * there are still recent CVEs enabled by unpriv userns, disabling it on systems that don't need it is still worthwhile Thanks, -- Matt Taggart m...@lackof.org
Re: Bug#1022172: Bug#1024082: Bug#1022172: /lib/modprobe.d/50-nfs.conf causes initramfs-tools to stop including sunrpc module for nfs
Hi Marco, On Mon, Nov 14, 2022 at 07:06:30PM +0100, Marco d'Itri wrote: > > Try something like this in /lib/udev/rules.d/60-nfs.rules: > > ACTION=="add", SUBSYSTEM=="module", KERNEL=="sunrpc", \ > RUN+="/sbin/sysctl -q --pattern ^sunrpc --system" > ACTION=="add", SUBSYSTEM=="module", KERNEL=="rpcrdma", \ > RUN+="/sbin/sysctl -q --pattern ^sunrpc.svc_rdma --system" > ACTION=="add", SUBSYSTEM=="module", KERNEL=="lockd", \ > RUN+="/sbin/sysctl -q --pattern ^fs.nfs.n[sl]m --system" > ACTION=="add", SUBSYSTEM=="module", KERNEL=="nfsv4", \ > RUN+="/sbin/sysctl -q --pattern > ^fs.nfs.(nfs_callback_tcpport|idmap_cache_timeout) --system" > ACTION=="add", SUBSYSTEM=="module", KERNEL=="nfs", \ > RUN+="/sbin/sysctl -q --pattern ^fs.nfs --system" > > Differently from the original file I tired anchoring the patterns, which > looks more correct to me. Thanks, I will try to test this and bring to nfs-utils upstream. Michael or Andras, if you can help testing it in your use cases that would be helpful. Regards, Salvatore
Bug#1022025: Fwd: Bug#1022051: Acknowledgement (linux-image-5.10.0-19-amd64: no boot possible)
> 5.10.149-2 was no help with A10-7850K Radeon R7. Yes, My PC didn't boot with amdgpu yet, on linux-image-5.10.0-19-amd64. I'm using Radeon R7 Graphics too. I'm a man that 1st post in this thread. Sorry, I was so busy for a while. Attached /var/log/messages when didn't boot. Nov 15 05:30:19 muumatch-computer kernel: [0.00] Linux version 5.10.0-19-amd64 (debian-kernel@lists.debian.org) (gcc-10 (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP Debian 5.10.149-2 (2022-10-21) Nov 15 05:30:19 muumatch-computer kernel: [0.00] Command line: BOOT_IMAGE=/boot/vmlinuz-5.10.0-19-amd64 root=UUID=ed31f180-e855-42c2-ba9c-36e3a1b7cb9d ro quiet radeon.si_support=0 amdgpu.si_support=1 Nov 15 05:30:19 muumatch-computer kernel: [0.00] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' Nov 15 05:30:19 muumatch-computer kernel: [0.00] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' Nov 15 05:30:19 muumatch-computer kernel: [0.00] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' Nov 15 05:30:19 muumatch-computer kernel: [0.00] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 Nov 15 05:30:19 muumatch-computer kernel: [0.00] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'standard' format. Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-provided physical RAM map: Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x-0x0009e7ff] usable Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x0009e800-0x0009] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x000e-0x000f] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x0010-0x9d236fff] usable Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9d237000-0x9d266fff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9d267000-0x9d276fff] ACPI data Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9d277000-0x9d7b3fff] ACPI NVS Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9d7b4000-0x9e3aefff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9e3af000-0x9e3a] usable Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9e3b-0x9e5b5fff] ACPI NVS Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9e5b6000-0x9e9f2fff] usable Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9e9f3000-0x9eff3fff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x9eff4000-0x9eff] usable Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0xf800-0xfbff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0xfeb8-0xfec01fff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0xfec1-0xfec10fff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0xfed0-0xfed00fff] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0xfed8-0xfed8] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0xff00-0x] reserved Nov 15 05:30:19 muumatch-computer kernel: [0.00] BIOS-e820: [mem 0x0001-0x00021eff] usable Nov 15 05:30:19 muumatch-computer kernel: [0.00] NX (Execute Disable) protection: active Nov 15 05:30:19 muumatch-computer kernel: [0.00] SMBIOS 2.7 present. Nov 15 05:30:19 muumatch-computer kernel: [0.00] DMI: System manufacturer System Product Name/A88XM-A, BIOS 3001 03/09/2016 Nov 15 05:30:19 muumatch-computer kernel: [0.00] tsc: Fast TSC calibration failed Nov 15 05:30:19 muumatch-computer kernel: [0.00] last_pfn = 0x21f000 max_arch_pfn = 0x4 Nov 15 05:30:19 muumatch-computer kernel: [0.00] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT Nov 15 05:30:19 muumatch-computer kernel: [0.00] last_pfn = 0x9f000 max_arch_pfn = 0x4 Nov 15 05:30:19 muumatch-computer kernel: [0.00] found SMP MP-table at [mem 0x000fd720-0x000fd72f] Nov 15 05:30:19 muumatch-computer kernel: [0.00] Using GB pages for direct mapping Nov 15 05:30:19 muumatch-computer kernel: [0.00] RAMDISK: [mem 0x305c9000-0x342dbfff] Nov 15 05:30:19 muumatch-computer kernel: [0.00] ACPI: Early table checksum verification di
Processed: your mail
Processing commands for cont...@bugs.debian.org: > reopen 1016945 Bug #1016945 [firmware-qlogic] firmware-qlogic: Firmware required by debiantesting kernel not available in firmware-qlogic Bug 1016945 is not marked as done; doing nothing. > End of message, stopping processing here. Please contact me if you need assistance. -- 1016945: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016945 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: found 1016945 in 20221012-1
Processing commands for cont...@bugs.debian.org: > found 1016945 20221012-1 Bug #1016945 [firmware-qlogic] firmware-qlogic: Firmware required by debiantesting kernel not available in firmware-qlogic Marked as found in versions firmware-nonfree/20221012-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1016945: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016945 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: reopening 1016945
Processing commands for cont...@bugs.debian.org: > reopen 1016945 Bug #1016945 {Done: Diederik de Haas } [firmware-qlogic] firmware-qlogic: Firmware required by debiantesting kernel not available in firmware-qlogic 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions 20220913-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1016945: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016945 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1016945: current firmware is missing from firmware-qlogic
Version: 20221012-1 Hi, I see the exact issue today as seen in this bugreport. [ 64.115490] qede: probe of :18:00.2 failed with error -2 [ 64.226721] qede :18:00.3: firmware: failed to load qed/qed_init_values_zipped-8.59.1.0.bin (-2) [ 64.226745] qede :18:00.3: firmware: failed to load qed/qed_init_values_zipped-8.59.1.0.bin (-2) [ 64.226750] qede :18:00.3: Direct firmware load for qed/qed_init_values_zipped-8.59.1.0.bin failed with error -2 [ 64.226756] [qed_slowpath_start:1266()]Failed to find fw file - /lib/firmware/qed/qed_init_values_zipped-8.59.1.0.bin [ 64.243449] qede: probe of :18:00.3 failed with error -2 root@grml ~ # dpkg -l firmware-qlogic Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ NameVersion Architecture Description +++-===---= ii firmware-qlogic 20221012-1 all Binary firmware for QLogic HBAs root@grml ~ # dpkg -L firmware-qlogic | grep qed /lib/firmware/qed /lib/firmware/qed/qed_init_values_zipped-8.10.10.0.bin /lib/firmware/qed/qed_init_values_zipped-8.33.1.0.bin /lib/firmware/qed/qed_init_values_zipped-8.33.11.0.bin /lib/firmware/qed/qed_init_values_zipped-8.37.2.0.bin /lib/firmware/qed/qed_init_values_zipped-8.42.2.0.bin root@grml ~ # uname -a Linux grml 6.0.0-3-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.0.7-1 (2022-11-05) x86_64 GNU/Linux Regards, Tamás
Bug#1019204: ss command freeze and the process cannot be killed
Thanks for the explanations Salvatore.
Processed: Re: Bug#1019204 closed by Stéphane Hoc (ss command freeze and the process cannot be killed)
Processing control commands: > fixed -1 6.0~rc7-1~exp1 Bug #1019204 {Done: Stéphane Hoc } [src:linux] ss command freeze and the process cannot be killed Marked as fixed in versions linux/6.0~rc7-1~exp1. -- 1019204: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019204 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1019204: closed by Stéphane Hoc (ss command freeze and the process cannot be killed)
Control: fixed -1 6.0~rc7-1~exp1 Hi Stéphane On Tue, Nov 15, 2022 at 11:42:03AM +, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the iproute2 package: > > #1019204: ss command freeze and the process cannot be killed > > It has been closed by Stéphane Hoc . > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Stéphane Hoc > by > replying to this email. > > > -- > 1019204: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019204 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems > From: Stéphane Hoc > Date: Tue, 15 Nov 2022 12:38:01 +0100 > To: 1019204-d...@bugs.debian.org > Subject: ss command freeze and the process cannot be killed > > Version: 6.0.0-1 > > It's also fixed on my side, kernel 6.0.0-4-amd64 (6.0.8-1) on Debian > unstable. > This bug can now be closed. The fix was probably https://git.kernel.org/linus/76dd07281338da6951fdab3432ced843fa87839c which is in 6.0-rc7 upstream (and would have been backported to 5.19.12 (but the later was never uploaded as we switched to to the 6.x series after 5.19.11-1). Regards, Salvatore
Bug#1024149: linux-image-amd64: 32-bit mmap() puts large files at non-random address
Adding forgotten attachment... -- Jakub Wilk #include #include #include #include #include int main(int argc, char **argv) { struct stat st; if (fstat(0, &st) < 0) abort(); void *p = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0); printf("mmap(NULL, %zd, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = %p\n", (size_t) st.st_size, p); }
Processed: reassign 1019204 to src:linux, notfixed 1019204 in 6.0.0-1, closing 1019204
Processing commands for cont...@bugs.debian.org: > reassign 1019204 src:linux 5.19.6-1 Bug #1019204 {Done: Stéphane Hoc } [iproute2] ss command freeze and the process cannot be killed Bug reassigned from package 'iproute2' to 'src:linux'. No longer marked as found in versions iproute2/5.19.0-1. No longer marked as fixed in versions 6.0.0-1. Bug #1019204 {Done: Stéphane Hoc } [src:linux] ss command freeze and the process cannot be killed Marked as found in versions linux/5.19.6-1. > notfixed 1019204 6.0.0-1 Bug #1019204 {Done: Stéphane Hoc } [src:linux] ss command freeze and the process cannot be killed The source 'linux' and version '6.0.0-1' do not appear to match any binary packages Ignoring request to alter fixed versions of bug #1019204 to the same values previously set > close 1019204 6.0.8-1 Bug #1019204 {Done: Stéphane Hoc } [src:linux] ss command freeze and the process cannot be killed Marked as fixed in versions linux/6.0.8-1. Bug #1019204 {Done: Stéphane Hoc } [src:linux] ss command freeze and the process cannot be killed Bug 1019204 is already marked as done; not doing anything. > thanks Stopping processing here. Please contact me if you need assistance. -- 1019204: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019204 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1024149: linux-image-amd64: 32-bit mmap() puts large files at non-random address
Package: src:linux Version: 6.0.8-1 Tags: security Control: affects -1 + libc6 32-bit mmap() puts large (>= 2 MiB) files at the same address every time: $ i686-linux-gnu-gcc -static test-mmap.c -o test-mmap $ head -c $((2 * 1024 * 1024)) /dev/zero > zeros $ for i in 1 2 3; do ./test-mmap < zeros; done mmap(NULL, 2097152, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0xf7c0 mmap(NULL, 2097152, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0xf7c0 mmap(NULL, 2097152, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0xf7c0 In contrast, for smaller files, there's a few bits of entropy in the address: $ head -c $((2 * 1024 * 1024 - 4096)) /dev/zero > zeros $ for i in 1 2 3; do ./test-mmap < zeros; done mmap(NULL, 2093056, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0xf7d4a000 mmap(NULL, 2093056, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0xf7db8000 mmap(NULL, 2093056, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 0, 0) = 0xf7d99000 This weakens ASLR for most(?) programs, because libc.so.6 has recently become slightly larger than 2 MiB: $ wc -c /lib/i386-linux-gnu/libc.so.6 2225200 /lib/i386-linux-gnu/libc.so.6 $ for i in 1 2 3; do cat /proc/self/maps | grep ' r-xp .*/libc'; done f7c22000-f7d9b000 r-xp 00022000 fd:00 12059068 /lib/i386-linux-gnu/libc.so.6 f7c22000-f7d9b000 r-xp 00022000 fd:00 12059068 /lib/i386-linux-gnu/libc.so.6 f7c22000-f7d9b000 r-xp 00022000 fd:00 12059068 /lib/i386-linux-gnu/libc.so.6 Curiously, not all file systems are affected. I could reproduce the bug on ext4, but not on tmpfs or unionfs. -- Package-specific info: ** Version: Linux version 6.0.0-4-amd64 (debian-kernel@lists.debian.org) (gcc-12 (Debian 12.2.0-9) 12.2.0, GNU ld (GNU Binutils for Debian) 2.39) #1 SMP PREEMPT_DYNAMIC Debian 6.0.8-1 (2022-11-11) -- System Information: Debian Release: bookworm/sid APT prefers unstable Architecture: i386 (x86_64) Foreign Architectures: amd64 -- Jakub Wilk
Processed: linux-image-amd64: 32-bit mmap() puts large files at non-random address
Processing control commands: > affects -1 + libc6 Bug #1024149 [src:linux] linux-image-amd64: 32-bit mmap() puts large files at non-random address Added indication that 1024149 affects libc6 -- 1024149: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024149 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
reassign 1019204 to src:linux, notfixed 1019204 in 6.0.0-1, closing 1019204
reassign 1019204 src:linux 5.19.6-1 notfixed 1019204 6.0.0-1 close 1019204 6.0.8-1 thanks
Bug#1019204: marked as done (ss command freeze and the process cannot be killed)
Your message dated Tue, 15 Nov 2022 12:38:01 +0100 with message-id and subject line ss command freeze and the process cannot be killed has caused the Debian Bug report #1019204, regarding ss command freeze and the process cannot be killed to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1019204: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019204 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: iproute2 Version: 5.19.0-1 It appeared since kernel 5.19.6 worked fine with 5.18.16 on Debian unstable. This is what dmesg reports: [ 547.278515] BUG: unable to handle page fault for address: ffc8 [ 547.278527] #PF: supervisor read access in kernel mode [ 547.278532] #PF: error_code(0x) - not-present page [ 547.278537] PGD 292814067 P4D 292814067 PUD 292816067 PMD 0 [ 547.278548] Oops: [#1] PREEMPT SMP NOPTI [ 547.278556] CPU: 2 PID: 3428 Comm: ss Tainted: P OE 5.19.0-1-amd64 #1 Debian 5.19.6-1 [ 547.278564] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./990FX Extreme9, BIOS P1.80 03/29/2016 [ 547.278570] RIP: 0010:raw_diag_dump+0xea/0x1d0 [raw_diag] [ 547.278581] Code: c3 89 44 24 24 4c 89 e8 41 89 ed 49 89 c7 48 8b 04 24 48 8b 58 08 89 dd 83 e5 01 74 0d e9 d5 00 00 00 48 8b 1b f6 c3 01 75 7f <4c> 3b 63 c8 75 f2 44 39 ed 7c 69 41 0f b6 07 66 39 43 a8 75 5f 41 [ 547.278587] RSP: 0018:a028c34df9e8 EFLAGS: 00010246 [ 547.278594] RAX: ad249960 RBX: RCX: 000c [ 547.278599] RDX: RSI: ad249960 RDI: [ 547.278604] RBP: R08: R09: 002a822e [ 547.278608] R10: 90a420c3 R11: R12: ad240a40 [ 547.278613] R13: R14: R15: 90a3a793d810 [ 547.278618] FS: 7f4c27db5c80() GS:90a68ec8() knlGS: [ 547.278624] CS: 0010 DS: ES: CR0: 80050033 [ 547.278629] CR2: ffc8 CR3: 00012ee2a000 CR4: 000406e0 [ 547.278634] Call Trace: [ 547.278639] [ 547.278647] __inet_diag_dump+0x3c/0xb0 [inet_diag] [ 547.278659] netlink_dump+0x18b/0x310 [ 547.278673] __netlink_dump_start+0x1b0/0x2e0 [ 547.278684] inet_diag_handler_cmd+0xb1/0xe0 [inet_diag] [ 547.278694] ? inet_diag_dump_start_compat+0x10/0x10 [inet_diag] [ 547.278702] ? inet_diag_dump_compat+0xb0/0xb0 [inet_diag] [ 547.278711] ? inet_diag_unregister+0x40/0x40 [inet_diag] [ 547.278720] sock_diag_rcv_msg+0x11d/0x140 [ 547.278729] ? sock_diag_bind+0x50/0x50 [ 547.278735] netlink_rcv_skb+0x51/0x100 [ 547.278743] sock_diag_rcv+0x24/0x40 [ 547.278750] netlink_unicast+0x23e/0x360 [ 547.278760] netlink_sendmsg+0x24e/0x4b0 [ 547.278771] sock_sendmsg+0x62/0x70 [ 547.278780] sys_sendmsg+0x230/0x270 [ 547.278787] ? import_iovec+0x2d/0x40 [ 547.278796] ? sendmsg_copy_msghdr+0x7d/0xa0 [ 547.278804] ? __check_object_size+0x4a/0x250 [ 547.278813] ? _copy_from_user+0x3a/0x60 [ 547.278820] ___sys_sendmsg+0x81/0xc0 [ 547.278829] ? ___sys_recvmsg+0x99/0x110 [ 547.278839] ? __check_object_size+0x4a/0x250 [ 547.278848] ? _copy_to_user+0x21/0x30 [ 547.278854] ? move_addr_to_user+0x4b/0xe0 [ 547.278862] __sys_sendmsg+0x59/0xa0 [ 547.278873] do_syscall_64+0x3b/0xc0 [ 547.278882] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 547.278890] RIP: 0033:0x7f4c27b0b443 [ 547.278897] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b9 66 2e 0f 1f 84 00 00 00 00 00 90 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 89 54 24 1c 48 [ 547.278903] RSP: 002b:7fff97ae8418 EFLAGS: 0246 ORIG_RAX: 002e [ 547.278910] RAX: ffda RBX: 000a RCX: 7f4c27b0b443 [ 547.278915] RDX: RSI: 7fff97ae8500 RDI: 0003 [ 547.278919] RBP: 00ff R08: 0003 R09: 0078 [ 547.278923] R10: 009b R11: 0246 R12: 0003 [ 547.278927] R13: 7fff97ae8480 R14: 03010014 R15: 7fff97ae8570 [ 547.278935] [ 547.278939] Modules linked in: raw_diag inet_diag unix_diag nvidia_drm(POE) drm_kms_helper nvidia_modeset(POE) snd_hda_codec_realtek edac_mce_amd snd_hda_codec_hdmi snd_hda_codec_generic ledtrig_audio kvm_amd ccp rng_core kvm irqbypass ghash_clmulni_intel aesni_intel crypto_simd cryptd mxm_wmi snd_hda_intel fam15h_power k10temp snd_intel_dspcfg snd_intel_sdw_acpi joydev snd_hda_codec evdev snd_hda_core snd_hwdep sn
Bug#1019204: ss command freeze and the process cannot be killed
It has been solved. After updating Bookworm's kernel to v.6.