[<prev] [next>] [day] [month] [year] [list]
Message-ID: <001a114537e6c332f905658c8a5b@google.com>
Date: Mon, 19 Feb 2018 00:33:01 -0800
From: syzbot <syzbot+10005f4292fc9cc89de7@...kaller.appspotmail.com>
To: coreteam@...filter.org, davem@...emloft.net, fw@...len.de,
kadlec@...ckhole.kfki.hu, kuznet@....inr.ac.ru,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
netfilter-devel@...r.kernel.org, pabeni@...hat.com,
pablo@...filter.org, syzkaller-bugs@...glegroups.com,
yoshfuji@...ux-ipv6.org
Subject: KASAN: use-after-free Write in nf_nat_ipv6_manip_pkt
Hello,
syzbot has tested the proposed patch and the reproducer did not trigger
crash:
Reported-and-tested-by:
syzbot+10005f4292fc9cc89de7@...kaller.appspotmail.com
Note: the tag will also help syzbot to understand when the bug is fixed.
Tested on net commit
9ab2323ca184168c288f7355fc19ec0838efc20c (Fri Feb 16 09:18:33 2018 +0000)
sctp: remove the left unnecessary check for chunk in sctp_renege_events
compiler: gcc (GCC) 7.1.1 20170620
Patch is attached.
Kernel config is attached.
---
There is no WARRANTY for the result, to the extent permitted by applicable
law.
Except when otherwise stated in writing syzbot provides the result "AS IS"
without warranty of any kind, either expressed or implied, but not limited
to,
the implied warranties of merchantability and fittness for a particular
purpose.
The entire risk as to the quality of the result is with you. Should the
result
prove defective, you assume the cost of all necessary servicing, repair or
correction.
View attachment "patch.diff" of type "text/plain" (475 bytes)
View attachment "config.txt" of type "text/plain" (136427 bytes)
Powered by blists - more mailing lists