The Hyper V KVP Daemon (hv_kvp_daemon) is installed by default on many linux distributions, and is used when running a guest linux virtual machine under a Microsoft Hyper V hypervisor. This daemon has known issues with its use of netlink sockets - more information can be found by searching for “hv_kvp_daemon vulnerability”.
The linux collector uses a netlink socket to receive messages from the kernel. The hv_kvp_daemon opens a netlink socket in a way that will receive messages intended for other applications, but does not validate that messages it receives are intended for it. When the hv_kvp_daemon receives these messages (in our case from the kernel, intended for the linux collector) it tries to process them and crashes. Reports exist that other applications which use netlink sockets also cause the hv_kvp_daemon to crash.
If you are not running a linux VM under Hyper V, no action is required. You may uninstall the hv_kvp_daemon, or disable the daemon from running on startup if you don’t want to see a segfault message in /var/log/messages or /var/log/syslog.
If you are running a linux VM under Hyper V, you should know that it is possible to disable the collector’s use of a netlink socket. This allows the linux collector to coexist with hv_kvp_daemon. Add this line to the collector config file in /etc/AppFirst, restart the linux collector, then restart Hyper V :