Identified this issue in Focal starting with the update to 105 kernel. Constant soft lockups then freezing when kauditd/auditd exceeded backlog limit. Due to DoD requirements, all systems set to audit=1 in kernel boot options and have stringent list of syscalls/binaries/files that are audited.
Added focal-proposed repo and updated to 109 kernel. Few hours of compiling and heavy static code analysis loads on system and no lockups as of yet. This is a really scary bug - seems to be present on all linux kernels and a huge threat as a DDoS. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1965723 Title: audit: improve audit queue handling when "audit=1" on cmdline To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1965723/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
