lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190724155647.GA673@sol.localdomain>
Date:   Wed, 24 Jul 2019 08:56:47 -0700
From:   Eric Biggers <ebiggers@...nel.org>
To:     Takashi Iwai <tiwai@...e.de>
Cc:     alsa-devel@...a-project.org, Jaroslav Kysela <perex@...ex.cz>,
        Takashi Iwai <tiwai@...e.com>, syzkaller-bugs@...glegroups.com,
        linux-kernel@...r.kernel.org
Subject: Re: Reminder: 1 open syzbot bug in sound subsystem

On Wed, Jul 24, 2019 at 09:08:26AM +0200, Takashi Iwai wrote:
> On Wed, 24 Jul 2019 04:47:23 +0200,
> Eric Biggers wrote:
> > 
> > [This email was generated by a script.  Let me know if you have any suggestions
> > to make it better, or if you want it re-generated with the latest status.]
> > 
> > Of the currently open syzbot reports against the upstream kernel, I've manually
> > marked 1 of them as possibly being a bug in the sound subsystem.
> > 
> > If you believe this bug is no longer valid, please close the syzbot report by
> > sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
> > original thread, as explained at https://goo.gl/tpsmEJ#status
> > 
> > If you believe I misattributed this bug to the sound subsystem, please let me
> > know, and if possible forward the report to the correct people or mailing list.
> > 
> > Here is the bug:
> > 
> > --------------------------------------------------------------------------------
> > Title:              KASAN: use-after-free Read in wake_up_if_idle
> > Last occurred:      131 days ago
> > Reported:           267 days ago
> > Branches:           Mainline and others
> > Dashboard link:     https://syzkaller.appspot.com/bug?id=b1e300cd7b124fc83dd4199d4d1df26310111b0f
> > Original thread:    https://lkml.kernel.org/lkml/00000000000066ab7105795f245e@google.com/T/#u
> 
> This one doesn't look like a bug that is directly related with the
> sound stuff.  Although it was triggered from a sound ioctl, UAF is
> seen rather in a notifier chain of other component.
> 
> 
> thanks,
> 
> Takashi
> 

Okay, I'm not sure what to do with this bug though.  I'll mark it as unknown
subsystem for now.

By the way, thanks for addressing all the syzbot reports in the sound subsystem!

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ