| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Jul 2019 19:41:21 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: linux-input@...r.kernel.org, Jiri Kosina <jikos@...nel.org>,
Benjamin Tissoires <benjamin.tissoires@...hat.com>
Cc: linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Reminder: 3 open syzbot bugs in hid subsystem
[This email was generated by a script. Let me know if you have any suggestions
to make it better, or if you want it re-generated with the latest status.]
Of the currently open syzbot reports against the upstream kernel, I've manually
marked 3 of them as possibly being bugs in the hid subsystem. I've listed these
reports below, sorted by an algorithm that tries to list first the reports most
likely to be still valid, important, and actionable.
Of these 3 bugs, 2 were seen in mainline in the last week.
If you believe a bug is no longer valid, please close the syzbot report by
sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
original thread, as explained at https://goo.gl/tpsmEJ#status
If you believe I misattributed a bug to the hid subsystem, please let me know,
and if possible forward the report to the correct people or mailing list.
Here are the bugs:
--------------------------------------------------------------------------------
Title: KASAN: use-after-free Read in hidraw_ioctl
Last occurred: 0 days ago
Reported: 0 days ago
Branches: Mainline (with usb-fuzzer patches)
Dashboard link: https://syzkaller.appspot.com/bug?id=c7e345ba243bc4476aae52a3354ccbd2a90e344e
Original thread: https://lkml.kernel.org/lkml/000000000000c07378058e589a29@google.com/T/#u
This bug has a C reproducer.
No one has replied to the original thread for this bug yet.
This looks like a bug in a hid USB driver.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+ded1794a717e3b235226@...kaller.appspotmail.com
If you send any email or patch for this bug, please reply to the original
thread. For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000c07378058e589a29@google.com
--------------------------------------------------------------------------------
Title: KASAN: use-after-free Read in usbhid_power
Last occurred: 0 days ago
Reported: 0 days ago
Branches: Mainline (with usb-fuzzer patches)
Dashboard link: https://syzkaller.appspot.com/bug?id=36143971c5b9b0341ad4018313375a5a40cb52c8
Original thread: https://lkml.kernel.org/lkml/000000000000bb4247058e589a20@google.com/T/#u
This bug has a C reproducer.
No one has replied to the original thread for this bug yet.
This looks like a bug in a hid USB driver.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+ef5de9c4f99c4edb4e49@...kaller.appspotmail.com
If you send any email or patch for this bug, please reply to the original
thread. For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000bb4247058e589a20@google.com
--------------------------------------------------------------------------------
Title: INFO: task hung in fsnotify_connector_destroy_workfn (2)
Last occurred: 32 days ago
Reported: 311 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=d6011f00f49a2253c15a60ac102b2ea79e3ee8de
Original thread: https://lkml.kernel.org/lkml/0000000000006364200575dfc280@google.com/T/#u
This bug has a syzkaller reproducer only.
The original thread for this bug received 7 replies; the last was 301 days ago.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+6fb572170402d311dd39@...kaller.appspotmail.com
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000006364200575dfc280@google.com
Powered by blists - more mailing lists