******************************************************************************** *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffffd001e5cc72e0, Address of the trap frame for the exception that caused the bugcheck
Arg3: ffffd001e5cc7238, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
TRAP_FRAME: ffffd001e5cc72e0 -- (.trap 0xffffd001e5cc72e0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffe00154096600 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffe001501a8568 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8004f0f1414 rsp=ffffd001e5cc7470 rbp=0000000000000027
r8=ffffe0015774f010 r9=0000000000000000 r10=fffffa800d1e5840
r11=ffffe001577d1010 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe cy
nvlddmkm+0x40414:
fffff800`4f0f1414 ?? ???
Resetting default scope
EXCEPTION_RECORD: ffffd001e5cc7238 -- (.exr 0xffffd001e5cc7238)
ExceptionAddress: fffff8004f0f1414 (nvlddmkm+0x0000000000040414)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
BUGCHECK_STR: 0x139
PROCESS_NAME: sniffer.exe
CURRENT_IRQL: 2
ERROR_CODE: (NTSTATUS) 0xc0000409 - Er is een bufferoverschrijdingsfout opgetreden voor stack-buffer in deze toepassing. Via deze overschrijdingsfout kan een kwaadwillige gebruiker de controle over deze toepassing verkrijgen.
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - Er is een bufferoverschrijdingsfout opgetreden voor stack-buffer in deze toepassing. Via deze overschrijdingsfout kan een kwaadwillige gebruiker de controle over deze toepassing verkrijgen.
EXCEPTION_PARAMETER1: 0000000000000003
ANALYSIS_VERSION: 6.3.9600.17336 (debuggers(dbg).150226-1500) amd64fre
LAST_CONTROL_TRANSFER: from fffff80105f784e9 to fffff80105f6c9a0
STACK_TEXT:
ffffd001`e5cc6fb8 fffff801`05f784e9 : 00000000`00000139 00000000`00000003 ffffd001`e5cc72e0 ffffd001`e5cc7238 : nt!KeBugCheckEx
ffffd001`e5cc6fc0 fffff801`05f78810 : ffffe001`4c167000 00001f80`00000000 00000000`00000001 ffffe001`577d1000 : nt!KiBugCheckDispatch+0x69
ffffd001`e5cc7100 fffff801`05f77a34 : 00000411`d55d6d68 00000000`00000000 00000000`00000000 00000020`00000005 : nt!KiFastFailDispatch+0xd0
ffffd001`e5cc72e0 fffff800`4f0f1414 : ffffe001`540947b0 fffff800`4f7d6300 ffffe001`5594a010 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0xf4
ffffd001`e5cc7470 ffffe001`540947b0 : fffff800`4f7d6300 ffffe001`5594a010 00000000`00000000 fffff6fb`740008e0 : nvlddmkm+0x40414
ffffd001`e5cc7478 fffff800`4f7d6300 : ffffe001`5594a010 00000000`00000000 fffff6fb`740008e0 fffff6fb`7dba0000 : 0xffffe001`540947b0
ffffd001`e5cc7480 ffffe001`5594a010 : 00000000`00000000 fffff6fb`740008e0 fffff6fb`7dba0000 00000000`00000d20 : nvlddmkm+0x725300
ffffd001`e5cc7488 00000000`00000000 : fffff6fb`740008e0 fffff6fb`7dba0000 00000000`00000d20 ffffe001`563705c0 : 0xffffe001`5594a010
STACK_COMMAND: kb
FOLLOWUP_IP:
nvlddmkm+40414
fffff800`4f0f1414 ?? ???
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: nvlddmkm+40414
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nvlddmkm
IMAGE_NAME: nvlddmkm.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5581075a
FAILURE_BUCKET_ID: 0x139_3_nvlddmkm+40414
BUCKET_ID: 0x139_3_nvlddmkm+40414
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x139_3_nvlddmkm+40414
FAILURE_ID_HASH: {174cbec8-1737-6bde-7d75-3b60ab813179}