Message-ID: <20240316020021.GD143836@mit.edu>
Date: Fri, 15 Mar 2024 22:00:21 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: cheung wall <zzqq0103.hey@...il.com>
Cc: Andreas Dilger <adilger.kernel@...ger.ca>, linux-ext4@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: KASAN: slab-use-after-free Read in ext4_find_extent
On Thu, Mar 14, 2024 at 02:58:04PM +0800, cheung wall wrote:
> Hello,
>
> when using Healer to fuzz the latest Linux Kernel, the following crash
> was triggered on:
>
> HEAD commit: e8f897f4afef0031fe618a8e94127a0934896aba (tag: v6.8)
>
> git tree: upstream
>
> console output: https://pastebin.com/raw/YBKrQHxW
>
> kernel config: https://pastebin.com/raw/SJFReJfc
>
> C reproducer: https://pastebin.com/raw/GUVzwEmx
>
> Syzlang reproducer: https://pastebin.com/raw/9KqQRP2e
>
> If you fix this issue, please add the following tag to the commit:
>
> Reported-by: Qiang Zhang <zzqq0103.hey@...il.com>
This is not reproducible using the above-specified kernel version,
kernel config, and C reproducer using kvm-xfstests.
In any case, looking at the C reproducer, it looks like the reproducer
involves forcibly deactivating the loop device, which requires root
privileges, and so this is not a terribly interesting bug report.
- Ted