A memory access violation flaw was found while detecting int3 padding in the linking state, in the function can_optimize in arch/x86/kernel/kprobes/opt.c. A local attacker with a special user privilege could use this flaw to threaten system integrity and confidentiality, and it may even lead to a denial of service. Here, broken KRETPROBES lead to a report of .text section corruption while running an FTRACE stress tester:

[ 5388.259689] Kernel panic - not syncing: [p_lkrg] Kernel Integrity verification failed! Killing the kernel...
[ 5388.269522] CPU: 17 PID: 138522 Comm: kworker/u69:1 Tainted: G W OE 5.4.62-std-debug-alt1 #1
[ 5388.278997] Hardware name: Supermicro Super Server/H11DSi, BIOS 1.2 04/15/2019
[ 5388.286243] Workqueue: events_unbound p_check_integrity [p_lkrg]
[ 5388.292255] Call Trace:
[ 5388.294718] dump_stack+0xac/0xec
[ 5388.298055] panic+0x119/0x31a
[ 5388.301154] p_check_integrity.cold+0x1828/0x1e81 [p_lkrg]
[ 5388.306670] process_one_work+0x2ad/0x5e0
[ 5388.310713] worker_thread+0x4d/0x3e0
[ 5388.314389] ? process_one_work+0x5e0/0x5e0
[ 5388.318586] kthread+0x133/0x150
[ 5388.321832] ? kthread_mod_delayed_work+0xc0/0xc0
[ 5388.326548] ret_from_fork+0x27/0x50
[ 5388.330546] Kernel Offset: disabled
[ 5388.339867] ---[ end Kernel panic - not syncing: [p_lkrg] Kernel Integrity verification failed! Killing the kernel... ]---

Reference: http://blog.pi3.com.pl/?p=831
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
External References: http://blog.pi3.com.pl/?p=831