Public bug reported: It is super easy to madvise the VDSO with MADV_HWPOISON and this causes breakage across all userspace. It can be also run inside a root container, for example inside lxd and this causes out-side-of-container userspace breakage too.
Example: inside a container # gcc vdso.c -o vdso # ./vdso and nothing works outside the container too: ls Bus error (core dumped) mainly because the vdso now generates MCE errors when the page is accessed. Recommend not allowing madvise on vdso page vdso source: https://github.com/ColinIanKing/vdso/blob/master/vdso.c ** Affects: linux (Ubuntu) Importance: Critical Status: New ** Changed in: linux (Ubuntu) Importance: Undecided => Critical -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2121542 Title: MADV_HWPOISON on vdso is pretty dire, can be done within a container for system denial of service attack To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2121542/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
