| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Nov 2015 15:19:27 +0100 From: Christian Hoffmann <chrmhoffmann@...il.com> To: linux-kernel@...r.kernel.org Subject: potential USB bug while plugging/unplugging phone Hi, running a loop like this: while true; do lsusb; done and plugging my mtk phone in, the stack below happened. Version: Linux c3po 4.2.0-18-generic #22-Ubuntu SMP Fri Nov 6 18:25:50 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Full dmesg: https://dl.dropboxusercontent.com/u/21820416/usb-crash.dmesg Rgds, Chris [16323.481289] usb 5-3: USB disconnect, device number 5 [16602.047146] usb 9-3: new full-speed USB device number 5 using ohci-pci [16602.215677] usb 9-3: config 1 has an invalid descriptor of length 0, skipping remainder of the config [16602.215682] usb 9-3: config 1 has 1 interface, different from the descriptor's value: 2 [16602.215687] usb 9-3: New USB device found, idVendor=0e8d, idProduct=0003 [16602.215689] usb 9-3: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [16602.312280] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008 [16602.312384] IP: [<ffffffffc08eb5e6>] acm_probe+0x186/0x1230 [cdc_acm] [16602.312464] PGD 0 [16602.312489] Oops: 0000 [#1] SMP [16602.312531] Modules linked in: cdc_acm(+) nfsv3 rpcsec_gss_krb5 nfsv4 nfs fscache rfcomm xt_addrtype xt_conntrack ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 iptable_filter ip_tables x_tables nf_nat nf_conntrack bridge stp llc dm_thin_pool dm_persistent_data dm_bio_prison dm_bufio libcrc32c pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) binfmt_misc vboxdrv(OE) bnep btusb btrtl btbcm btintel bluetooth input_leds joydev snd_hda_codec_realtek snd_hda_codec_generic snd_hda_codec_hdmi kvm_amd kvm snd_hda_intel edac_core snd_hda_codec snd_hda_core serio_raw snd_seq_midi k10temp snd_seq_midi_event snd_hwdep edac_mce_amd snd_rawmidi snd_pcm i2c_piix4 snd_seq snd_seq_device snd_timer asus_atk0110 8250_fintek snd mac_hid soundcore shpchp nfsd hwmon_vid [16602.313551] auth_rpcgss msr nfs_acl parport_pc lockd grace ppdev sunrpc lp parport autofs4 raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq raid1 multipath linear raid0 uas usb_storage pata_acpi hid_generic usbhid hid amdkfd amd_iommu_v2 radeon firewire_ohci psmouse i2c_algo_bit ttm r8169 firewire_core mii drm_kms_helper crc_itu_t ahci drm libahci pata_jmicron wmi [16602.314040] CPU: 1 PID: 9808 Comm: systemd-udevd Tainted: G OE 4.2.0-18-generic #22-Ubuntu [16602.314155] Hardware name: System manufacturer System Product Name/M4A89GTD-PRO/USB3, BIOS 2301 07/18/2011 [16602.314277] task: ffff88021181f080 ti: ffff880212e78000 task.ti: ffff880212e78000 [16602.314367] RIP: 0010:[<ffffffffc08eb5e6>] [<ffffffffc08eb5e6>] acm_probe+0x186/0x1230 [cdc_acm] [16602.314478] RSP: 0018:ffff880212e7b9f8 EFLAGS: 00010246 [16602.314543] RAX: 0000000000000000 RBX: ffff880214422000 RCX: ffff8801c5550400 [16602.314629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [16602.314715] RBP: ffff880212e7bab8 R08: ffff8802131ca1f8 R09: 0000000000000000 [16602.314802] R10: ffffea0000093600 R11: 0000000000000020 R12: ffff880214422000 [16602.314888] R13: ffffffffc08f0108 R14: ffff88010269cf72 R15: 0000000000000013 [16602.314976] FS: 00007f634d0068c0(0000) GS:ffff88021fc40000(0000) knlGS:00000000f7542940 [16602.315075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [16602.315144] CR2: 0000000000000008 CR3: 000000012f011000 CR4: 00000000000006e0 [16602.315230] Stack: [16602.315254] ffff88021181f080 ffffffff81277334 00000000ffffffea 0000000000000000 [16602.315347] ffff880212e7ba58 ffffffff812779ae ffff8802131ca7f8 000000009f186511 [16602.315440] ffff880214422090 ffff880200000010 0000000000000000 ffff880214422140 [16602.315533] Call Trace: [16602.315566] [<ffffffff81277334>] ? kernfs_link_sibling+0x94/0xc0 [16602.315640] [<ffffffff812779ae>] ? kernfs_add_one+0xee/0x140 [16602.315712] [<ffffffff815e4562>] usb_probe_interface+0x1b2/0x2d0 [16602.315787] [<ffffffff81520b0a>] driver_probe_device+0x21a/0x490 [16602.315861] [<ffffffff81520e10>] __driver_attach+0x90/0xa0 [16602.315928] [<ffffffff81520d80>] ? driver_probe_device+0x490/0x490 [16602.316005] [<ffffffff8151e6ac>] bus_for_each_dev+0x6c/0xc0 [16602.316074] [<ffffffff815202ae>] driver_attach+0x1e/0x20 [16602.316140] [<ffffffff8151fddb>] bus_add_driver+0x1eb/0x280 [16602.316210] [<ffffffff815216b0>] driver_register+0x60/0xe0 [16602.316277] [<ffffffff815e2e74>] usb_register_driver+0x84/0x140 [16602.316351] [<ffffffffc0863000>] ? 0xffffffffc0863000 [16602.316414] [<ffffffffc08630c3>] acm_init+0xc3/0x1000 [cdc_acm] [16602.316489] [<ffffffff81002123>] do_one_initcall+0xb3/0x200 [16602.316558] [<ffffffff811c2835>] ? __vunmap+0x95/0xf0 [16602.316622] [<ffffffff811de027>] ? kmem_cache_alloc_trace+0x187/0x1f0 [16602.316702] [<ffffffff817e66c8>] ? do_init_module+0x28/0x1e7 [16602.316772] [<ffffffff817e6700>] do_init_module+0x60/0x1e7 [16602.316840] [<ffffffff81102876>] load_module+0x1676/0x1c10 [16602.316907] [<ffffffff810fe9c0>] ? __symbol_put+0x60/0x60 [16602.316975] [<ffffffff81202f80>] ? kernel_read+0x50/0x80 [16602.317041] [<ffffffff81103069>] SyS_finit_module+0xb9/0xf0 [16602.317111] [<ffffffff817ef9f2>] entry_SYSCALL_64_fastpath+0x16/0x75 [16602.317189] Code: 0f 84 26 02 00 00 44 39 6d 98 74 0d f6 05 d4 4c 00 00 04 0f 85 24 09 00 00 48 8b 4d b8 48 39 4d c8 0f 84 36 09 00 00 48 8b 45 c8 <48> 8b 40 08 80 78 05 0a 0f 84 7e 02 00 00 48 8b 45 b8 48 8b 40 [16602.317506] RIP [<ffffffffc08eb5e6>] acm_probe+0x186/0x1230 [cdc_acm] [16602.317590] RSP <ffff880212e7b9f8> [16602.317631] CR2: 0000000000000008 [16602.351424] ---[ end trace c6faa535f8cd71f5 ]--- [16605.324490] usb 9-3: USB disconnect, device number 5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists