lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 22 Jan 2018 09:08:17 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Guenter Roeck <groeck@...gle.com>
Cc:     "Theodore Ts'o" <tytso@....edu>,
        Alexei Starovoitov <alexei.starovoitov@...il.com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Pavel Machek <pavel@....cz>,
        LKML <linux-kernel@...r.kernel.org>,
        netdev <netdev@...r.kernel.org>, syzkaller-bugs@...glegroups.com,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: dangers of bots on the mailing lists was Re: divide error in ___bpf_prog_run

Just to restore a bit of faith in syzbot, I've checked 4.15-rc9 commit
log and 28 out of 212 commits turn out to be fixes for bugs found by
syzbot:

Alexei Starovoitov (1):
      bpf: fix 32-bit divide by zero

Cong Wang (2):
      tipc: fix a memory leak in tipc_nl_node_get_link()
      tun: fix a memory leak for tfile->tx_array

Daniel Borkmann (7):
      bpf: arsh is not supported in 32 bit alu thus reject it
      bpf, array: fix overflow in max_entries and undefined behavior
in index_mask
      bpf: mark dst unknown on inconsistent {s, u}bounds adjustments

David Ahern (1):
      netlink: extack needs to be reset each time through loop

Eric Biggers (2):
      af_key: fix buffer overread in verify_address_len()
      af_key: fix buffer overread in parse_exthdrs()

Eric Dumazet (3):
      bpf: fix divides by zero
      ipv6: ip6_make_skb() needs to clear cork.base.dst
      flow_dissector: properly cap thoff field

Florian Westphal (2):
      xfrm: skip policies marked as dead while rehashing
      xfrm: don't call xfrm_policy_cache_flush while holding spinlock

Guillaume Nault (1):
      ppp: unlock all_ppp_mutex before registering device

Ilya Lesokhin (1):
      net/tls: Only attach to sockets in ESTABLISHED state

Marc Kleine-Budde (2):
      can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
      can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once

Mike Maloney (1):
      ipv6: fix udpv6 sendmsg crash caused by too small MTU

Sabrina Dubroca (4):
      xfrm: fix rcu usage in xfrm_get_type_offload

Steffen Klassert (3):
      esp: Fix GRO when the headers not fully in the linear part of the skb.
      af_key: Fix memory leak in key_notify_policy.

Takashi Iwai (4):
      ALSA: pcm: Remove yet superfluous WARN_ON()
      ALSA: seq: Make ioctls race-free

Wei Wang (1):
      ipv6: don't let tb6_root node share routes with other node

Xin Long (4):
      sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
      sctp: do not allow the v4 socket to bind a v4mapped v6 address
      netlink: reset extack earlier in netlink_rcv_skb

Powered by blists - more mailing lists