| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.44L0.1908091646230.1630-100000@iolanthe.rowland.org>
Date: Fri, 9 Aug 2019 16:52:06 -0400 (EDT)
From: Alan Stern <stern@...land.harvard.edu>
To: syzbot <syzbot+22ae4e3b9fcc8a5c153a@...kaller.appspotmail.com>
cc: andreyknvl@...gle.com, <gregkh@...uxfoundation.org>,
<gustavo@...eddedor.com>, <linux-kernel@...r.kernel.org>,
<linux-usb@...r.kernel.org>, <syzkaller-bugs@...glegroups.com>
Subject: Re: KASAN: use-after-free Read in usb_kill_urb
On Fri, 9 Aug 2019, syzbot wrote:
> Hello,
>
> syzbot has tested the proposed patch and the reproducer did not trigger
> crash:
>
> Reported-and-tested-by:
> syzbot+22ae4e3b9fcc8a5c153a@...kaller.appspotmail.com
>
> Tested on:
>
> commit: e96407b4 usb-fuzzer: main usb gadget fuzzer driver
> git tree: https://github.com/google/kasan.git
> kernel config: https://syzkaller.appspot.com/x/.config?x=cfa2c18fb6a8068e
> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
> patch: https://syzkaller.appspot.com/x/patch.diff?x=173f2d2c600000
>
> Note: testing is done by a robot and is best-effort only.
This shows that this bug is a duplicate of extid=30cf45ebfe0b0c4847a1.
This fact is also visible in the console logs; both have lines saying
something like:
[ 549.416341][ T22] sysfs: cannot create duplicate filename '/class/usbmisc/ldusb0'
and
[ 549.958755][ T22] ldusb 1-1:0.28: Not able to get a minor for this device.
preceding the invalid access.
Alan Stern
Powered by blists - more mailing lists