lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20190724014758.GK643@sol.localdomain>
Date:   Tue, 23 Jul 2019 18:47:58 -0700
From:   Eric Biggers <ebiggers@...nel.org>
To:     linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
        Johannes Berg <johannes@...solutions.net>,
        "David S. Miller" <davem@...emloft.net>
Cc:     linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Reminder: 11 open syzbot bugs in "net/wireless" subsystem

[This email was generated by a script.  Let me know if you have any suggestions
to make it better, or if you want it re-generated with the latest status.]

Of the currently open syzbot reports against the upstream kernel, I've manually
marked 11 of them as possibly being bugs in the "net/wireless" subsystem.  I've
listed these reports below, sorted by an algorithm that tries to list first the
reports most likely to be still valid, important, and actionable.

Of these 11 bugs, 9 were seen in mainline in the last week.

If you believe a bug is no longer valid, please close the syzbot report by
sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
original thread, as explained at https://goo.gl/tpsmEJ#status

If you believe I misattributed a bug to the "net/wireless" subsystem, please let
me know, and if possible forward the report to the correct people or mailing
list.

Here are the bugs:

--------------------------------------------------------------------------------
Title:              general protection fault in ath6kl_usb_alloc_urb_from_pipe
Last occurred:      0 days ago
Reported:           102 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=cd8b9cfe50a0bf36ee19eda2d7e2e06843dfbeaf
Original thread:    https://lkml.kernel.org/lkml/0000000000008e825105865615e3@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+ead4037ec793e025e66f@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000008e825105865615e3@google.com

--------------------------------------------------------------------------------
Title:              WARNING: ODEBUG bug in rsi_probe
Last occurred:      0 days ago
Reported:           100 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=3b35267abf182bd98ba95c0943bc0f957e021101
Original thread:    https://lkml.kernel.org/lkml/00000000000024bbd7058682eda1@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+1d1597a5aa3679c65b9f@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000024bbd7058682eda1@google.com

--------------------------------------------------------------------------------
Title:              INFO: trying to register non-static key in del_timer_sync (2)
Last occurred:      0 days ago
Reported:           102 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=26525f643f454dd7be0078423e3cdb0d57744959
Original thread:    https://lkml.kernel.org/lkml/000000000000927a7b0586561537@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug received 5 replies; the last was 41 days ago.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+dc4127f950da51639216@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000927a7b0586561537@google.com

--------------------------------------------------------------------------------
Title:              WARNING in zd_mac_clear
Last occurred:      0 days ago
Reported:           102 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=46e5ae5074764b5f0eed428a8c4989d9efbe9146
Original thread:    https://lkml.kernel.org/lkml/00000000000075a7a6058653d977@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+74c65761783d66a9c97c@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000075a7a6058653d977@google.com

--------------------------------------------------------------------------------
Title:              KASAN: invalid-free in rsi_91x_deinit
Last occurred:      0 days ago
Reported:           91 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=426fbebc1eac728afa08e52b1bcf8171c9413e29
Original thread:    https://lkml.kernel.org/lkml/0000000000005ae4cd058731d407@google.com/T/#u

This bug has a C reproducer.

No one replied to the original thread for this bug.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+7c72edfb407b2bd866ce@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000005ae4cd058731d407@google.com

--------------------------------------------------------------------------------
Title:              KMSAN: uninit-value in rt2500usb_bbp_read
Last occurred:      0 days ago
Reported:           47 days ago
Branches:           Mainline (with KMSAN patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=f35d123de7d393019c1ed4d4e60dc66596ed62cd
Original thread:    https://lkml.kernel.org/lkml/000000000000cf6a70058aa48695@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug has received 1 reply, 47 days ago.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+a106a5b084a6890d2607@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000cf6a70058aa48695@google.com

--------------------------------------------------------------------------------
Title:              WARNING in submit_rx_urb/usb_submit_urb
Last occurred:      0 days ago
Reported:           55 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=97fff2c33c48264fba4d185f5f0f0961bdcd2ae2
Original thread:    https://lkml.kernel.org/lkml/0000000000004da71e058a06318b@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug has received 1 reply, 55 days ago.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+c2a1fa67c02faa0de723@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000004da71e058a06318b@google.com

--------------------------------------------------------------------------------
Title:              WARNING in ar5523_submit_rx_cmd/usb_submit_urb
Last occurred:      0 days ago
Reported:           50 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=d4cdc65d1db112b294b568e0cff47bca7cd3edbd
Original thread:    https://lkml.kernel.org/lkml/000000000000f4900f058a69d6c5@google.com/T/#u

This bug has a C reproducer.

The original thread for this bug has received 1 reply, 50 days ago.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+6101b0c732dea13ea55b@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000f4900f058a69d6c5@google.com

--------------------------------------------------------------------------------
Title:              KASAN: slab-out-of-bounds Read in p54u_load_firmware_cb
Last occurred:      3 days ago
Reported:           78 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=a7d7aec13ac4d6981c15814acb900348d340dd70
Original thread:    https://lkml.kernel.org/lkml/00000000000001de810588363aaf@google.com/T/#u

This bug has a syzkaller reproducer only.

The original thread for this bug has received 4 replies; the last was 29 days
ago.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+6d237e74cdc13f036473@...kaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000001de810588363aaf@google.com

--------------------------------------------------------------------------------
Title:              WARNING in i2400mu_bus_bm_wait_for_ack/usb_submit_urb
Last occurred:      0 days ago
Reported:           13 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=78aca5360820e5e91ba12dec842dabeb5349b431
Original thread:    https://lkml.kernel.org/lkml/0000000000009b6e7f058d51adba@google.com/T/#u

This bug has a C reproducer.

No one has replied to the original thread for this bug yet.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+7886801de1cc3958a0d1@...kaller.appspotmail.com

If you send any email or patch for this bug, please reply to the original
thread.  For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000009b6e7f058d51adba@google.com

--------------------------------------------------------------------------------
Title:              KASAN: global-out-of-bounds Read in load_next_firmware_from_table
Last occurred:      18 days ago
Reported:           14 days ago
Branches:           Mainline (with usb-fuzzer patches)
Dashboard link:     https://syzkaller.appspot.com/bug?id=9e4fafb6fbc53782278754488801c0bbe1fd2a85
Original thread:    https://lkml.kernel.org/lkml/000000000000df0913058d3ead47@google.com/T/#u

This bug has a C reproducer.

No one has replied to the original thread for this bug yet.

This looks like a bug in a net/wireless USB driver.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+98156c174c5a2cad9f8f@...kaller.appspotmail.com

If you send any email or patch for this bug, please reply to the original
thread.  For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000df0913058d3ead47@google.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ