Ubuntu
linux package

crash when reading from /sys/kernel/tracing/rv/enabled_monitors

Bug #2131136 reported by Edoardo Canepa
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Edoardo Canepa
Questing
Fix Released
High
Edoardo Canepa

Bug Description

As reported in https://lore.kernel.org/linux-trace-kernel/20250923002004.GA2836051@ax162/, commit "rv: Fix wrong type cast in enabled_monitors_next()" introduces a crash when accessing the sys node in Questing.

Crash has been fixed in upstream commit 103541e6a5854b08a25e4caa61e990af1009a52e:
"rv: Fully convert enabled_monitors to use list_head as iterator"

See original description

CVE References

Edoardo Canepa (ecanepa)
Changed in linux (Ubuntu Questing):
assignee: nobody → Edoardo Canepa (ecanepa)
Changed in linux (Ubuntu):
assignee: nobody → Edoardo Canepa (ecanepa)
Edoardo Canepa (ecanepa)
description: updated
description: updated
Stefan Bader (smb)
Changed in linux (Ubuntu):
status: New → Invalid
Changed in linux (Ubuntu Questing):
importance: Undecided → High
status: New → Triaged
status: Triaged → Fix Committed
Ubuntu Kernel Bot (ubuntu-kernel-bot)
tags: added: kernel-daily-bug
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux/6.17.0-8.8 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-questing-linux' to 'verification-done-questing-linux'. If the problem still exists, change the tag 'verification-needed-questing-linux' to 'verification-failed-questing-linux'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-questing-linux-v2 verification-needed-questing-linux
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-aws-6.17/6.17.0-1005.5~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-aws-6.17' to 'verification-done-noble-linux-aws-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-aws-6.17' to 'verification-failed-noble-linux-aws-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-aws-6.17-v2 verification-needed-noble-linux-aws-6.17
Revision history for this message
Manuel Diewald (diewald) wrote :
Download full text (5.3 KiB)

Crash with latest available kernel linux/6.17.0-7.7 when accessing /sys/kernel/tracing/rv/enabled_monitors:

$ sudo cat /sys/kernel/tracing/rv/enabled_monitors
[ 1295.472802] UBSAN: invalid-load in /build/linux-8YMEfB/linux-6.17.0/kernel/trace/rv/rv.c:503:10
[ 1295.477607] load of value 247 is not a valid value for type '_Bool'
[ 1295.492854] BUG: unable to handle page fault for address: 0000000a800001f7
[ 1295.493756] #PF: supervisor read access in kernel mode
[ 1295.494099] #PF: error_code(0x0000) - not-present page
[ 1295.494604] PGD 0 P4D 0
[ 1295.496689] Oops: Oops: 0000 [#1] SMP NOPTI
[ 1295.497106] CPU: 2 UID: 0 PID: 1506 Comm: cat Not tainted 6.17.0-7-generic #7-Ubuntu PREEMPT(voluntary)
[ 1295.497834] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
[ 1295.498404] RIP: 0010:monitors_show+0x16/0x60
[ 1295.499320] Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 8b 46 10 48 8b 4e c0 48 89 e5 48 85 c0 74 1f <48> 8b 10 48 c7 c6 79 3e be 91 e8 5b cc 26 00 31 c0 5d 31 d2 31 c9
[ 1295.500537] RSP: 0018:ffffcb0d4058fa78 EFLAGS: 00000202
[ 1295.500969] RAX: 0000000a800001f7 RBX: 0000000000000000 RCX: 0000000000000000
[ 1295.501405] RDX: 0000000000000000 RSI: ffffffff9261eb78 RDI: ffff8a8b4b30cf00
[ 1295.501800] RBP: ffffcb0d4058fa78 R08: 0000000000000000 R09: 0000000000000000
[ 1295.502143] R10: 0000000000000000 R11: 0000000000000000 R12: ffffcb0d4058fb20
[ 1295.502540] R13: ffff8a8b4554d100 R14: ffff8a8b4b30cf00 R15: ffffffff9261eb78
[ 1295.503282] FS: 00007023dd92ebc0(0000) GS:ffff8a8ce4d7f000(0000) knlGS:0000000000000000
[ 1295.503814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1295.504198] CR2: 0000000a800001f7 CR3: 000000010ebf2000 CR4: 00000000000006f0
[ 1295.504778] Call Trace:
[ 1295.505236] <TASK>
[ 1295.505454] seq_read_iter+0x130/0x490
[ 1295.505752] seq_read+0x11b/0x160
[ 1295.505933] vfs_read+0xbf/0x3a0
[ 1295.506161] ksys_read+0x71/0xf0
[ 1295.506384] __x64_sys_read+0x19/0x30
[ 1295.506627] x64_sys_call+0x1e95/0x2330
[ 1295.506879] do_syscall_64+0x81/0xc90
[ 1295.507171] ? __memcg_slab_free_hook+0x115/0x190
[ 1295.507460] ? kmem_cache_free+0x4b4/0x4f0
[ 1295.507717] ? refill_obj_stock+0x149/0x270
[ 1295.508014] ? refill_obj_stock+0x149/0x270
[ 1295.508280] ? __memcg_slab_free_hook+0x115/0x190
[ 1295.508581] ? dentry_free+0x35/0x90
[ 1295.508909] ? kmem_cache_free+0x4b4/0x4f0
[ 1295.509201] ? __fput+0x1a2/0x2d0
[ 1295.509537] ? __fput+0x1a2/0x2d0
[ 1295.509791] ? fput_close_sync+0x40/0xc0
[ 1295.510038] ? __x64_sys_close+0x3e/0x90
[ 1295.510248] ? arch_exit_to_user_mode_prepare.isra.0+0xd/0xe0
[ 1295.510636] ? do_syscall_64+0xb9/0xc90
[ 1295.510851] ? exc_page_fault+0x90/0x1b0
[ 1295.511124] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 1295.515590] RIP: 0033:0x7023dd6a0186
[ 1295.517613] Code: 47 ba 04 00 00 00 48 8b 05 87 3c 19 00 64 89 10 48 c7 c2 ff ff ff ff c9 48 89 d0 c3 0f 1f 84 00 00 00 00 00 48 8b 45 10 0f 05 <48> 89 c2 48 3d 00 f0 ff ff 77 0f c9 48 89 d0 c3 66 2e 0f 1f 84 00
[ 1295.521139] RSP: 002b:00007ffc8c2fc3e0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 1295.522786] RAX: ffffffffffffffda RBX: 00007ffc8c30c550 RCX...

Read more...

tags: added: verification-done-questing-linux
removed: verification-needed-questing-linux
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 6.17.0-8.8

---------------
linux (6.17.0-8.8) questing; urgency=medium

  * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)

  * crash when reading from /sys/kernel/tracing/rv/enabled_monitors
    (LP: #2131136)
    - rv: Fully convert enabled_monitors to use list_head as iterator

  * i40e driver is triggering VF resets on every link state change
    (LP: #2130552)
    - i40e: avoid redundant VF link state updates

  * kernel crash on bootup for some arm64 machines (LP: #2129770)
    - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check

  * CVE-2025-40018
    - ipvs: Defer ip_vs_ftp unregister during netns cleanup

 -- Manuel Diewald <email address hidden> Fri, 14 Nov 2025 17:53:03 +0100

Changed in linux (Ubuntu Questing):
status: Fix Committed → Fix Released
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-realtime-6.17/6.17.0-1004.5~24.04.2 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-realtime-6.17' to 'verification-done-noble-linux-realtime-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-realtime-6.17' to 'verification-failed-noble-linux-realtime-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-realtime-6.17-v2 verification-needed-noble-linux-realtime-6.17
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 6.17.0-8.8

---------------
linux (6.17.0-8.8) questing; urgency=medium

  * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)

  * crash when reading from /sys/kernel/tracing/rv/enabled_monitors
    (LP: #2131136)
    - rv: Fully convert enabled_monitors to use list_head as iterator

  * i40e driver is triggering VF resets on every link state change
    (LP: #2130552)
    - i40e: avoid redundant VF link state updates

  * kernel crash on bootup for some arm64 machines (LP: #2129770)
    - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check

  * CVE-2025-40018
    - ipvs: Defer ip_vs_ftp unregister during netns cleanup

 -- Manuel Diewald <email address hidden> Fri, 14 Nov 2025 17:53:03 +0100

Changed in linux (Ubuntu):
status: Invalid → Fix Released
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-nvidia-6.17/6.17.0-1006.6 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-nvidia-6.17' to 'verification-done-noble-linux-nvidia-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-nvidia-6.17' to 'verification-failed-noble-linux-nvidia-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-nvidia-6.17-v2 verification-needed-noble-linux-nvidia-6.17
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-intel/6.17.0-1006.6 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-questing-linux-intel' to 'verification-done-questing-linux-intel'. If the problem still exists, change the tag 'verification-needed-questing-linux-intel' to 'verification-failed-questing-linux-intel'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-questing-linux-intel-v2 verification-needed-questing-linux-intel
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-hwe-6.17/6.17.0-14.14~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-hwe-6.17' to 'verification-done-noble-linux-hwe-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-hwe-6.17' to 'verification-failed-noble-linux-hwe-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-hwe-6.17-v2 verification-needed-noble-linux-hwe-6.17
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-azure-6.17/6.17.0-1008.8~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-azure-6.17' to 'verification-done-noble-linux-azure-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-azure-6.17' to 'verification-failed-noble-linux-azure-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-azure-6.17-v2 verification-needed-noble-linux-azure-6.17
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-azure-fde-6.17/6.17.0-1005.5~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-azure-fde-6.17' to 'verification-done-noble-linux-azure-fde-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-azure-fde-6.17' to 'verification-failed-noble-linux-azure-fde-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-azure-fde-6.17-v2 verification-needed-noble-linux-azure-fde-6.17
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-gcp-6.17/6.17.0-1007.7~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-gcp-6.17' to 'verification-done-noble-linux-gcp-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-gcp-6.17' to 'verification-failed-noble-linux-gcp-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-gcp-6.17-v2 verification-needed-noble-linux-gcp-6.17
Revision history for this message
Stefan Bader (smb) wrote :

# uname -a
Linux testn1 6.17.0-14-generic #14~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Jan 15 15:52:10 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
# ls -la /sys/kernel/tracing/rv/enabled_monitors
-rw-r----- 1 root root 0 Feb 3 13:51 /sys/kernel/tracing/rv/enabled_monitors
# cat /sys/kernel/tracing/rv/enabled_monitors
# journalctl -b0|grep BUG
<nothing printed>

tags: added: verification-done-noble-linux-hwe-6.17
removed: verification-needed-noble-linux-hwe-6.17
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-oracle-6.17/6.17.0-1007.7~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-oracle-6.17' to 'verification-done-noble-linux-oracle-6.17'. If the problem still exists, change the tag 'verification-needed-noble-linux-oracle-6.17' to 'verification-failed-noble-linux-oracle-6.17'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-noble-linux-oracle-6.17-v2 verification-needed-noble-linux-oracle-6.17
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.