RHEL 7 kernel panic: "usercopy: kernel memory exposure attempt detected from X (kmalloc-1024)"

Solution Unverified - Updated -

Issue

  • Kernel Panic with the following backtrace in network receive:
usercopy: kernel memory exposure attempt detected from <address> (kmalloc-1024) (<size larger than 1024> bytes)
------------[ cut here ]------------
kernel BUG at mm/usercopy.c:72!
invalid opcode: 0000 [#1] SMP 
...
CPU: 13 PID: 21856 Comm: tgtd Kdump: loaded Tainted: P        W  OE  ------------ T 3.10.0-957.el7.x86_64 #1
...
RIP: 0010:[<ffffffffa6a3def7>]  [<ffffffffa6a3def7>] __check_object_size+0x87/0x250
...
Call Trace:
 [<ffffffffa6b8be6d>] memcpy_toiovec+0x4d/0xb0
 [<ffffffffa6e2a7d8>] skb_copy_datagram_iovec+0x128/0x280
 [<ffffffffa6e916aa>] tcp_recvmsg+0x22a/0xb30
 [<ffffffffa6ec0060>] inet_recvmsg+0x80/0xb0
 [<ffffffffa6e186ec>] sock_aio_read.part.9+0x14c/0x170
 [<ffffffffa6e18731>] sock_aio_read+0x21/0x30
 [<ffffffffa6a404d3>] do_sync_read+0x93/0xe0
 [<ffffffffa6a40fb5>] vfs_read+0x145/0x170
 [<ffffffffa6a41dcf>] SyS_read+0x7f/0xf0
 [<ffffffffa6f74ddb>] system_call_fastpath+0x22/0x27
...
RIP  [<ffffffffa6a3def7>] __check_object_size+0x87/0x250

Environment

  • Red Hat Enterprise Linux 7.6 (kernel-3.10.0-957.el7.x86_64)
  • Third-party Docker and kubernetes container management
  • Third-party Flannel and Calico CNI

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content