lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171212210031.GC185376@gmail.com> Date: Tue, 12 Dec 2017 13:00:31 -0800 From: Eric Biggers <ebiggers3@...il.com> To: Steffen Klassert <steffen.klassert@...unet.com> Cc: syzbot <bot+68bf59b49142965d6454163d7341e617a90139dc@...kaller.appspotmail.com>, davem@...emloft.net, herbert@...dor.apana.org.au, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, syzkaller-bugs@...glegroups.com Subject: Re: KASAN: stack-out-of-bounds Read in xfrm_state_find (3) Hi Steffen, On Fri, Dec 01, 2017 at 08:27:43AM +0100, Steffen Klassert wrote: > On Wed, Nov 22, 2017 at 08:05:00AM -0800, syzbot wrote: > > syzkaller has found reproducer for the following crash on > > 0c86a6bd85ff0629cd2c5141027fc1c8bb6cde9c > > git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master > > compiler: gcc (GCC) 7.1.1 20170620 > > .config is attached > > Raw console output is attached. > > C reproducer is attached > > syzkaller reproducer is attached. See https://goo.gl/kgGztJ > > for information about syzkaller reproducers > > > > > > BUG: KASAN: stack-out-of-bounds in xfrm_state_find+0x30fc/0x3230 > > net/xfrm/xfrm_state.c:1051 > > Read of size 4 at addr ffff8801ccaa7af8 by task syzkaller231684/3045 > > The patch below should fix this. I plan to apply it to the ipsec tree > after some advanced testing. > > Subject: [PATCH RFC] xfrm: Fix stack-out-of-bounds with misconfigured transport > mode policies. > Are you still planning to apply this? syzbot is still hitting this bug. Eric
Powered by blists - more mailing lists