KERNEL_SECURITY_CHECK_FAILURE mavi ekran hatası

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff8041b86c300, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8041b86c258, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------


TRAP_FRAME:  fffff8041b86c300 -- (.trap 0xfffff8041b86c300)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffa78e2e4b4a90 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffa78e2b11fe48 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8041586eb67 rsp=fffff8041b86c490 rbp=00000069c77cceba
 r8=00000069c77c0ced  r9=fffff804135828b0 r10=fffff8041357eac0
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
nt!KiInsertTimerTable+0x1891f7:
fffff804`1586eb67 cd29            int     29h
Resetting default scope

EXCEPTION_RECORD:  fffff8041b86c258 -- (.exr 0xfffff8041b86c258)
ExceptionAddress: fffff8041586eb67 (nt!KiInsertTimerTable+0x00000000001891f7)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000003

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  CODE_CORRUPTION

BUGCHECK_STR:  0x139

PROCESS_NAME:  System

CURRENT_IRQL:  2

ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y

EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y

EXCEPTION_PARAMETER1:  0000000000000003

ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre

DPC_STACK_BASE:  FFFFF8041B874FB0

EXCEPTION_STR:  0x0

LAST_CONTROL_TRANSFER:  from fffff80415805e69 to fffff804157f3ea0

STACK_TEXT: 
fffff804`1b86bfd8 fffff804`15805e69 : 00000000`00000139 00000000`00000003 fffff804`1b86c300 fffff804`1b86c258 : nt!KeBugCheckEx
fffff804`1b86bfe0 fffff804`15806290 : ffffa78e`35919840 fffff804`358a476c ffffa78e`2fcd1b40 ffffa78e`35919840 : nt!KiBugCheckDispatch+0x69
fffff804`1b86c120 fffff804`15804623 : 00000000`2ebd1dc0 00000001`00000000 fffff804`1357b180 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffff804`1b86c300 fffff804`1586eb67 : 00000000`00000000 fffff804`00000000 ffffa78e`2e4b5040 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x323
fffff804`1b86c490 fffff804`15690573 : ffffffff`ffffffff 00000000`00000000 fffff804`1357b180 00000000`00000000 : nt!KiInsertTimerTable+0x1891f7
fffff804`1b86c510 fffff804`15690444 : ffffa78e`2f87da88 fffff804`1b86c650 00000000`000000df ffffa78e`2edd91a0 : nt!KiSetTimerEx+0x123
fffff804`1b86c570 fffff804`1adf3456 : ffffa78e`29c9db60 ffffa78e`29c9db50 fffff804`1b86c602 ffffa78e`2f87da88 : nt!KeSetTimer+0x14
fffff804`1b86c5b0 fffff804`1adb67bb : ffffa78e`2f87da88 fffff804`1b86c650 ffffa78e`2edd91a0 ffffa78e`2f87d320 : ndis!ndisQueuePeriodicReceivesTimer+0x6e
fffff804`1b86c5e0 fffff804`1ad93181 : ffffa78e`2f87d808 ffffa78e`2f87d320 00000000`00000000 00000000`ffffffff : ndis!ndisQueueDpcWorkItem+0x17b
fffff804`1b86c680 fffff804`156e9a3e : fffff804`1357e240 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisInterruptDpc+0x3ba91
fffff804`1b86c760 fffff804`156e8d24 : 00000000`00000000 00000000`00000000 00000000`00140001 00000000`00000000 : nt!KiExecuteAllDpcs+0x30e
fffff804`1b86c8d0 fffff804`157f7a0e : 00000000`00000000 fffff804`1357b180 fffff804`16126600 ffffa78e`35088080 : nt!KiRetireDpcList+0x1f4
fffff804`1b86cb60 00000000`00000000 : fffff804`1b86d000 fffff804`1b866000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x9e


STACK_COMMAND:  kb

CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
    fffff8041569df9f-fffff8041569dfa0  2 bytes - nt!MiChangePageAttribute+5f
    [ 80 fa:00 f9 ]
    fffff804157963af-fffff804157963b1  3 bytes - nt!MiFreeUltraMapping+33 (+0xf8410)
    [ 7d fb f6:74 e9 d2 ]
5 errors : !nt (fffff8041569df9f-fffff804157963b1)

MODULE_NAME: memory_corruption

IMAGE_NAME:  memory_corruption

FOLLOWUP_NAME:  memory_corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MEMORY_CORRUPTOR:  LARGE

FAILURE_BUCKET_ID:  MEMORY_CORRUPTION_LARGE

BUCKET_ID:  MEMORY_CORRUPTION_LARGE

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:memory_corruption_large

FAILURE_ID_HASH:  {e29154ac-69a4-0eb8-172a-a860f73c0a3c}

Followup: memory_corruption
---------

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff8041b86c300, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8041b86c258, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for win32k.sys

KEY_VALUES_STRING: 1

Key : Analysis.CPU.mSec
Value: 6453

Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on BORA

Key : Analysis.DebugData
Value: CreateObject

Key : Analysis.DebugModel
Value: CreateObject

Key : Analysis.Elapsed.mSec
Value: 17280

Key : Analysis.Memory.CommitPeak.Mb
Value: 82

Key : Analysis.System
Value: CreateObject

Key : WER.OS.Branch
Value: vb_release

Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z

Key : WER.OS.Version
Value: 10.0.19041.1


ADDITIONAL_XML: 1

OS_BUILD_LAYERS: 1

BUGCHECK_CODE: 139

BUGCHECK_P1: 3

BUGCHECK_P2: fffff8041b86c300

BUGCHECK_P3: fffff8041b86c258

BUGCHECK_P4: 0

TRAP_FRAME:  fffff8041b86c300 -- (.trap 0xfffff8041b86c300)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffa78e2e4b4a90 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffa78e2b11fe48 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8041586eb67 rsp=fffff8041b86c490 rbp=00000069c77cceba
r8=00000069c77c0ced r9=fffff804135828b0 r10=fffff8041357eac0
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
nt!KiInsertTimerTable+0x1891f7:
fffff804`1586eb67 cd29 int 29h
Resetting default scope

EXCEPTION_RECORD:  fffff8041b86c258 -- (.exr 0xfffff8041b86c258)
ExceptionAddress: fffff8041586eb67 (nt!KiInsertTimerTable+0x00000000001891f7)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

PROCESS_NAME: System

ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y n tabanl bir arabelle in ta t n alg lad . Bu ta ma, k t niyetli bir kullan c n n bu uygulaman n denetimini ele ge irmesine olanak verebilir.

EXCEPTION_CODE_STR: c0000409

EXCEPTION_PARAMETER1: 0000000000000003

EXCEPTION_STR: 0xc0000409

STACK_TEXT:
fffff804`1b86bfd8 fffff804`15805e69 : 00000000`00000139 00000000`00000003 fffff804`1b86c300 fffff804`1b86c258 : nt!KeBugCheckEx
fffff804`1b86bfe0 fffff804`15806290 : ffffa78e`35919840 fffff804`358a476c ffffa78e`2fcd1b40 ffffa78e`35919840 : nt!KiBugCheckDispatch+0x69
fffff804`1b86c120 fffff804`15804623 : 00000000`2ebd1dc0 00000001`00000000 fffff804`1357b180 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffff804`1b86c300 fffff804`1586eb67 : 00000000`00000000 fffff804`00000000 ffffa78e`2e4b5040 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x323
fffff804`1b86c490 fffff804`15690573 : ffffffff`ffffffff 00000000`00000000 fffff804`1357b180 00000000`00000000 : nt!KiInsertTimerTable+0x1891f7
fffff804`1b86c510 fffff804`15690444 : ffffa78e`2f87da88 fffff804`1b86c650 00000000`000000df ffffa78e`2edd91a0 : nt!KiSetTimerEx+0x123
fffff804`1b86c570 fffff804`1adf3456 : ffffa78e`29c9db60 ffffa78e`29c9db50 fffff804`1b86c602 ffffa78e`2f87da88 : nt!KeSetTimer+0x14
fffff804`1b86c5b0 fffff804`1adb67bb : ffffa78e`2f87da88 fffff804`1b86c650 ffffa78e`2edd91a0 ffffa78e`2f87d320 : ndis!ndisQueuePeriodicReceivesTimer+0x6e
fffff804`1b86c5e0 fffff804`1ad93181 : ffffa78e`2f87d808 ffffa78e`2f87d320 00000000`00000000 00000000`ffffffff : ndis!ndisQueueDpcWorkItem+0x17b
fffff804`1b86c680 fffff804`156e9a3e : fffff804`1357e240 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisInterruptDpc+0x3ba91
fffff804`1b86c760 fffff804`156e8d24 : 00000000`00000000 00000000`00000000 00000000`00140001 00000000`00000000 : nt!KiExecuteAllDpcs+0x30e
fffff804`1b86c8d0 fffff804`157f7a0e : 00000000`00000000 fffff804`1357b180 fffff804`16126600 ffffa78e`35088080 : nt!KiRetireDpcList+0x1f4
fffff804`1b86cb60 00000000`00000000 : fffff804`1b86d000 fffff804`1b866000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x9e


SYMBOL_NAME: nt!KiInsertTimerTable+1891f7

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

IMAGE_VERSION: 10.0.19041.508

STACK_COMMAND: .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET: 1891f7

FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_KTIMER_LIST_CORRUPTION_nt!KiInsertTimerTable

OS_VERSION: 10.0.19041.1

BUILDLAB_STR: vb_release

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {f89e8bcc-9d62-a3aa-7602-6fa1ac774850}

Followup: MachineOwner
---------