A minimal kernel log from a system that has had this plugged into it: https://www.amazon.ca/dp/B0CZ3SJJR2?psc=1&ref=ppx_yo2ov_dt_b_product_details
Aug 02 15:44:49 yarrow kernel: usb 1-1: new full-speed USB device number 5 using xhci_hcd
Aug 02 15:44:50 yarrow kernel: usb 1-1: New USB device found, idVendor=0403, idProduct=6001, bcdDevice= 6.00
Aug 02 15:44:50 yarrow kernel: usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Aug 02 15:44:50 yarrow kernel: usb 1-1: Product: FT232R USB UART
Aug 02 15:44:50 yarrow kernel: usb 1-1: Manufacturer: FTDI
Aug 02 15:44:50 yarrow kernel: usb 1-1: SerialNumber: A50285BI
Aug 02 15:44:50 yarrow kernel: w[37611]: segfault at 4c ip 000055675900009e sp 00007ffe5dcbedb0 error 4 in w[556758fff000+3000] likely on CPU 10 (core 5, socket 0)
Aug 02 15:44:50 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:44:50 yarrow kernel: w[38086]: segfault at 4c ip 000055c25aded09e sp 00007ffc7492ea40 error 4 in w[55c25adec000+3000] likely on CPU 11 (core 5, socket 0)
Aug 02 15:44:50 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:44:50 yarrow kernel: usbcore: registered new interface driver usbserial_generic
Aug 02 15:44:50 yarrow kernel: usbserial: USB Serial support registered for generic
Aug 02 15:44:50 yarrow kernel: usbcore: registered new interface driver ftdi_sio
Aug 02 15:44:50 yarrow kernel: usbserial: USB Serial support registered for FTDI USB Serial Device
Aug 02 15:44:50 yarrow kernel: ftdi_sio 1-1:1.0: FTDI USB Serial Device converter detected
Aug 02 15:44:50 yarrow kernel: usb 1-1: Detected FT232R
Aug 02 15:44:50 yarrow kernel: usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
Aug 02 15:44:50 yarrow kernel: w[38256]: segfault at 4c ip 000055bbd6cd809e sp 00007ffe79bcf210 error 4 in w[55bbd6cd7000+3000] likely on CPU 12 (core 6, socket 0)
Aug 02 15:44:50 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:44:50 yarrow kernel: w[38731]: segfault at 4c ip 000055f74e7ac09e sp 00007fffe9adac80 error 4 in w[55f74e7ab000+3000] likely on CPU 10 (core 5, socket 0)
Aug 02 15:44:50 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:47:05 yarrow kernel: usb 1-1: USB disconnect, device number 5
Aug 02 15:47:05 yarrow kernel: ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
Aug 02 15:47:05 yarrow kernel: ftdi_sio 1-1:1.0: device disconnected
Aug 02 15:47:13 yarrow kernel: usb 1-2: new full-speed USB device number 6 using xhci_hcd
Aug 02 15:47:13 yarrow kernel: usb 1-2: New USB device found, idVendor=0403, idProduct=6001, bcdDevice= 6.00
Aug 02 15:47:13 yarrow kernel: usb 1-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Aug 02 15:47:13 yarrow kernel: usb 1-2: Product: FT232R USB UART
Aug 02 15:47:13 yarrow kernel: usb 1-2: Manufacturer: FTDI
Aug 02 15:47:13 yarrow kernel: usb 1-2: SerialNumber: A50285BI
Aug 02 15:47:13 yarrow kernel: ftdi_sio 1-2:1.0: FTDI USB Serial Device converter detected
Aug 02 15:47:13 yarrow kernel: usb 1-2: Detected FT232R
Aug 02 15:47:13 yarrow kernel: usb 1-2: FTDI USB Serial Device converter now attached to ttyUSB0
Aug 02 15:47:14 yarrow kernel: w[39482]: segfault at 4c ip 000055ea78fc909e sp 00007ffc3217f660 error 4 in w[55ea78fc8000+3000] likely on CPU 2 (core 1, socket 0)
Aug 02 15:47:14 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:47:14 yarrow kernel: w[39959]: segfault at 4c ip 00005558b04d709e sp 00007fff96baec40 error 4 in w[5558b04d6000+3000] likely on CPU 6 (core 3, socket 0)
Aug 02 15:47:14 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:47:14 yarrow kernel: w[40123]: segfault at 4c ip 000055929be9809e sp 00007ffc2ab9bc10 error 4 in w[55929be97000+3000] likely on CPU 11 (core 5, socket 0)
Aug 02 15:47:14 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:47:14 yarrow kernel: w[40601]: segfault at 4c ip 000055785f40e09e sp 00007ffc11721630 error 4 in w[55785f40d000+3000] likely on CPU 10 (core 5, socket 0)
Aug 02 15:47:14 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 15:53:23 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 15:53:23 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 15:56:23 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 15:57:31 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 16:00:11 yarrow kernel: usb 1-2: USB disconnect, device number 6
Aug 02 16:00:11 yarrow kernel: ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
Aug 02 16:00:11 yarrow kernel: ftdi_sio 1-2:1.0: device disconnected
Aug 02 16:00:22 yarrow kernel: w[42380]: segfault at 4c ip 000055d81603009e sp 00007fffa1280430 error 4 in w[55d81602f000+3000] likely on CPU 5 (core 2, socket 0)
Aug 02 16:00:22 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 16:00:22 yarrow kernel: NMI watchdog: Enabled. Permanently consumes one hw-PMU counter.
Aug 02 16:00:22 yarrow kernel: EXT4-fs (dm-1): re-mounted 9cdd0a9f-290c-4e7b-8916-916855d22d65 r/w. Quota mode: none.
Aug 02 16:00:22 yarrow kernel: EXT4-fs (nvme0n1p2): re-mounted ebdb2539-5be0-40e1-8e7c-ec5ae52e4837 r/w. Quota mode: none.
Aug 02 16:00:22 yarrow kernel: w[42893]: segfault at 4c ip 0000565129de009e sp 00007fffe1896090 error 4 in w[565129ddf000+3000] likely on CPU 10 (core 5, socket 0)
Aug 02 16:00:22 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 16:00:22 yarrow kernel: r8169 0000:01:00.0 enp1s0f0: Link is Down
Aug 02 16:35:14 yarrow kernel: w[43752]: segfault at 4c ip 000055cf0d03109e sp 00007ffc406afb00 error 4 in w[55cf0d030000+3000] likely on CPU 14 (core 7, socket 0)
Aug 02 16:35:14 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 16:37:06 yarrow kernel: w[43915]: segfault at 4c ip 0000559cbb20009e sp 00007ffe8f168930 error 4 in w[559cbb1ff000+3000] likely on CPU 8 (core 4, socket 0)
Aug 02 16:37:06 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 16:37:13 yarrow kernel: w[43954]: segfault at 4c ip 0000555ceb8ee09e sp 00007fff21ba8f90 error 4 in w[555ceb8ed000+3000] likely on CPU 8 (core 4, socket 0)
Aug 02 16:37:13 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 16:37:25 yarrow kernel: usb 1-2: new full-speed USB device number 7 using xhci_hcd
Aug 02 16:37:25 yarrow kernel: usb 1-2: New USB device found, idVendor=0403, idProduct=6001, bcdDevice= 6.00
Aug 02 16:37:25 yarrow kernel: usb 1-2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Aug 02 16:37:25 yarrow kernel: usb 1-2: Product: FT232R USB UART
Aug 02 16:37:25 yarrow kernel: usb 1-2: Manufacturer: FTDI
Aug 02 16:37:25 yarrow kernel: usb 1-2: SerialNumber: A50285BI
Aug 02 16:37:25 yarrow kernel: ftdi_sio 1-2:1.0: FTDI USB Serial Device converter detected
Aug 02 16:37:25 yarrow kernel: usb 1-2: Detected FT232R
Aug 02 16:37:25 yarrow kernel: usb 1-2: FTDI USB Serial Device converter now attached to ttyUSB0
Aug 02 16:37:26 yarrow kernel: w[44129]: segfault at 4c ip 0000558243a4d09e sp 00007ffe6a7d1c90 error 4 in w[558243a4c000+3000] likely on CPU 4 (core 2, socket 0)
Aug 02 16:37:26 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 16:37:30 yarrow kernel: usb 1-2: USB disconnect, device number 7
Aug 02 16:37:30 yarrow kernel: ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
Aug 02 16:37:30 yarrow kernel: ftdi_sio 1-2:1.0: device disconnected
Aug 02 17:02:09 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 18:08:58 yarrow kernel: w[50315]: segfault at 4c ip 000055d25f19e09e sp 00007ffd80804b30 error 4 in w[55d25f19d000+3000] likely on CPU 12 (core 6, socket 0)
Aug 02 18:08:58 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:08:58 yarrow kernel: EXT4-fs (dm-1): re-mounted 9cdd0a9f-290c-4e7b-8916-916855d22d65 r/w. Quota mode: none.
Aug 02 18:08:58 yarrow kernel: EXT4-fs (nvme0n1p2): re-mounted ebdb2539-5be0-40e1-8e7c-ec5ae52e4837 r/w. Quota mode: none.
Aug 02 18:08:58 yarrow kernel: w[50803]: segfault at 4c ip 0000564710f2709e sp 00007ffd406b9370 error 4 in w[564710f26000+3000] likely on CPU 7 (core 3, socket 0)
Aug 02 18:08:58 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:21:56 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 18:21:57 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 18:28:00 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 18:28:23 yarrow kernel: ath11k_pci 0000:02:00.0: msdu_done bit in attention is not set
Aug 02 18:33:54 yarrow kernel: w[53095]: segfault at 4c ip 00005619b80e509e sp 00007ffdf9d6c950 error 4 in w[5619b80e4000+3000] likely on CPU 10 (core 5, socket 0)
Aug 02 18:33:54 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:33:54 yarrow kernel: NMI watchdog: Enabled. Permanently consumes one hw-PMU counter.
Aug 02 18:33:54 yarrow kernel: EXT4-fs (dm-1): re-mounted 9cdd0a9f-290c-4e7b-8916-916855d22d65 r/w. Quota mode: none.
Aug 02 18:33:54 yarrow kernel: EXT4-fs (nvme0n1p2): re-mounted ebdb2539-5be0-40e1-8e7c-ec5ae52e4837 r/w. Quota mode: none.
Aug 02 18:33:54 yarrow kernel: w[53604]: segfault at 4c ip 0000562b36fc409e sp 00007fff783442d0 error 4 in w[562b36fc3000+3000] likely on CPU 12 (core 6, socket 0)
Aug 02 18:33:54 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:33:55 yarrow kernel: r8169 0000:01:00.0 enp1s0f0: Link is Down
Aug 02 18:50:44 yarrow kernel: w[54661]: segfault at 4c ip 000055f0f2ce509e sp 00007ffc432e4440 error 4 in w[55f0f2ce4000+3000] likely on CPU 12 (core 6, socket 0)
Aug 02 18:50:44 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:50:45 yarrow kernel: EXT4-fs (dm-1): re-mounted 9cdd0a9f-290c-4e7b-8916-916855d22d65 r/w. Quota mode: none.
Aug 02 18:50:45 yarrow kernel: EXT4-fs (nvme0n1p2): re-mounted ebdb2539-5be0-40e1-8e7c-ec5ae52e4837 r/w. Quota mode: none.
Aug 02 18:50:45 yarrow kernel: w[55150]: segfault at 4c ip 0000564f0578f09e sp 00007ffe13ac32d0 error 4 in w[564f0578e000+3000] likely on CPU 11 (core 5, socket 0)
Aug 02 18:50:45 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:52:04 yarrow kernel: w[55704]: segfault at 4c ip 0000557a8598509e sp 00007ffe85b36980 error 4 in w[557a85984000+3000] likely on CPU 0 (core 0, socket 0)
Aug 02 18:52:04 yarrow kernel: Code: 0f be c3 48 8b 12 f6 44 42 01 40 74 7f 80 fb 20 74 7a 0f be fb 48 83 c5 01 e8 6e f1 ff ff 49 39 ee 0f 84 7d 00 00 00 45 89 e7 <0f> b6 5d 00 84 db 75 ba 45 85 ff 75 65 48 8b 35 76 3f 00 00 bf 2d
Aug 02 18:52:04 yarrow kernel: EXT4-fs (dm-1): re-mounted 9cdd0a9f-290c-4e7b-8916-916855d22d65 r/w. Quota mode: none.
Aug 02 18:52:04 yarrow kernel: EXT4-fs (nvme0n1p2): re-mounted ebdb2539-5be0-40e1-8e7c-ec5ae52e4837 r/w. Quota mode: none.
Aug 02 18:52:05 yarrow kernel: r8169 0000:01:00.0 enp1s0f0: Link is Down
Aug 02 18:52:05 yarrow kernel: wlp2s0: deauthenticating from 88:d7:f6:68:54:ac by local choice (Reason: 3=DEAUTH_LEAVING)
Aug 02 18:52:09 yarrow kernel: EXT4-fs (nvme0n1p2): unmounting filesystem ebdb2539-5be0-40e1-8e7c-ec5ae52e4837.
Aug 02 18:52:09 yarrow systemd-shutdown[1]: Syncing filesystems and block devices.
Aug 02 18:52:09 yarrow systemd-shutdown[1]: Sending SIGTERM to remaining processes...
Aug 02 18:52:09 yarrow systemd-journald[701]: Received SIGTERM from PID 1 (systemd-shutdow).
@isosphere
Author

Aug 02 15:44:50 yarrow kernel: usb 1-1: SerialNumber: A50285BI

A quick google of this serial number reveals it to be a common fake: https://www.google.com/search?client=firefox-b-d&q=A50285BI

@isosphere
Author

Connecting the device to my laptop (yarrow) causes segfaults in system processes, remounts of my storage devices, and disconnection/reconnection of my network interfaces. This is very suspicious.
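
One way to test the correlation described in the comment above, as an added example that is not part of the original gist: it replays kernel log lines, tracks which USB devices are attached, and records for each segfault the faulting offset inside the binary and the USB state at that moment. The function name `triage`, the 5-second window and the placeholder year are assumptions of this example; the sample lines are excerpted from the log above.

```python
import re
from datetime import datetime, timedelta

# Lines excerpted from the log above ("Code:" dumps and other drivers omitted).
SAMPLE = """\
Aug 02 15:44:50 yarrow kernel: usb 1-1: New USB device found, idVendor=0403, idProduct=6001, bcdDevice= 6.00
Aug 02 15:44:50 yarrow kernel: w[37611]: segfault at 4c ip 000055675900009e sp 00007ffe5dcbedb0 error 4 in w[556758fff000+3000] likely on CPU 10 (core 5, socket 0)
Aug 02 15:47:05 yarrow kernel: usb 1-1: USB disconnect, device number 5
Aug 02 15:47:13 yarrow kernel: usb 1-2: New USB device found, idVendor=0403, idProduct=6001, bcdDevice= 6.00
Aug 02 15:47:14 yarrow kernel: w[39482]: segfault at 4c ip 000055ea78fc909e sp 00007ffc3217f660 error 4 in w[55ea78fc8000+3000] likely on CPU 2 (core 1, socket 0)
Aug 02 16:00:11 yarrow kernel: usb 1-2: USB disconnect, device number 6
Aug 02 16:00:22 yarrow kernel: w[42380]: segfault at 4c ip 000055d81603009e sp 00007fffa1280430 error 4 in w[55d81602f000+3000] likely on CPU 5 (core 2, socket 0)
Aug 02 16:35:14 yarrow kernel: w[43752]: segfault at 4c ip 000055cf0d03109e sp 00007ffc406afb00 error 4 in w[55cf0d030000+3000] likely on CPU 14 (core 7, socket 0)
"""
YEAR = 2000  # assumption: the log carries no year; any fixed year works for deltas
LINE = re.compile(r"^(\w{3} \d{2} \d{2}:\d{2}:\d{2}) \S+ kernel: (.*)$")
ATTACH = re.compile(r"^usb (\S+): New USB device found, idVendor=(\w{4}), idProduct=(\w{4})")
DETACH = re.compile(r"^usb (\S+): USB disconnect")
SEGV = re.compile(r"^(\S+)\[(\d+)\]: segfault at \w+ ip (\w+) .* in \S+\[(\w+)\+")

def triage(log, window=timedelta(seconds=5)):
    """Return one row per segfault: faulting offset and USB state at that time."""
    # Devices plugged in before the first log line are not visible here.
    attached, last_attach, rows = {}, None, []
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # wrapped fragment or non-kernel line
        ts = datetime.strptime(f"{YEAR} {m.group(1)}", "%Y %b %d %H:%M:%S")
        msg = m.group(2)
        if a := ATTACH.match(msg):
            attached[a.group(1)] = f"{a.group(2)}:{a.group(3)}"  # port -> vid:pid
            last_attach = ts
        elif d := DETACH.match(msg):
            attached.pop(d.group(1), None)  # tolerate a detach with no logged attach
        elif s := SEGV.match(msg):
            # ip minus mapping base is stable across ASLR, so it identifies the
            # faulting instruction regardless of where the binary was loaded.
            offset = int(s.group(3), 16) - int(s.group(4), 16)
            rows.append({
                "time": m.group(1), "comm": s.group(1), "pid": int(s.group(2)),
                "offset": hex(offset),
                "usb_attached": sorted(attached.values()),
                "near_attach": last_attach is not None and ts - last_attach <= window,
            })
    return rows

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```
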
