Public bug reported:

It is super easy to madvise the VDSO with MADV_HWPOISON and this causes breakage across all userspace. It can also be run inside a root container, for example inside lxd, and this causes outside-of-container userspace breakage too.

Example:

inside a container

  # gcc vdso.c -o vdso
  # ./vdso

and nothing works outside the container too:

  ls
  Bus error (core dumped)

mainly because the vdso now generates MCE errors when the page is accessed.

Recommend not allowing madvise on vdso page

vdso source: https://github.com/ColinIanKing/vdso/blob/master/vdso.c

** Affects: linux (Ubuntu)
     Importance: Critical
         Status: New

** Changed in: linux (Ubuntu)
   Importance: Undecided => Critical

--
https://bugs.launchpad.net/bugs/2121542

Title:
  MADV_HWPOISON on vdso is pretty dire, can be done within a container for system denial of service attack

Status in linux package in Ubuntu:
  New
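A stopgap until the kernel refuses this request, added here as an example and not taken from the bug report or the linked vdso.c: a seccomp filter that makes madvise() with MADV_HWPOISON fail with EPERM for the calling process and everything it later forks or execs. The function name is hypothetical, x86-64 or little-endian arm64 is assumed, and the filter denies the advice on every address, not only the vDSO.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <sys/mman.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#ifndef MADV_HWPOISON
#define MADV_HWPOISON 100 /* value in the Linux UAPI headers */
#endif
#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#else
#error "set NATIVE_ARCH to the AUDIT_ARCH_* value for this target"
#endif
#define FIELD(f) offsetof(struct seccomp_data, f)

/* Hypothetical helper (not from the report). Returns 0 on success, -1 on error. */
int deny_madvise_hwpoison(void)
{
    struct sock_filter prog[] = {
        /* 0-1: a foreign ABI numbers its syscalls differently, so kill it */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, FIELD(arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 0, 3),
        /* 2-3: same for x32 numbers (bit 30 set) on x86-64 */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, FIELD(nr)),
        BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, 0x40000000, 1, 0),
        /* 4: everything except madvise is allowed */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_madvise, 1, 4),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        /* 6-7: advice is an int in arg 3; test its low 32 bits (little-endian) */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, FIELD(args[2])),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, MADV_HWPOISON, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = { .len = sizeof(prog) / sizeof(prog[0]), .filter = prog };

    /* Needed so an unprivileged caller may install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}
```

Call it in the container's init or launcher before it execs the workload; other madvise advice values keep working.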

