lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 20 Nov 2019 14:32:52 +0100
From:   Greg KH <greg@...ah.com>
To:     Oliver Neukum <oneukum@...e.com>
Cc:     syzbot <syzbot+d934a9036346e0215d8f@...kaller.appspotmail.com>,
        andreyknvl@...gle.com, linux-kernel@...r.kernel.org,
        linux-usb@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Re: BUG: bad host security descriptor; not enough data (4 vs 5 left)

On Wed, Nov 20, 2019 at 12:18:57PM +0100, Oliver Neukum wrote:
> Am Montag, den 11.11.2019, 17:09 +0100 schrieb Greg KH:
> > On Mon, Nov 11, 2019 at 07:34:08AM -0800, syzbot wrote:
> > > Hello,
> > > 
> > > syzbot found the following crash on:
> > > 
> > > HEAD commit:    3183c037 usb: gadget: add raw-gadget interface
> > > git tree:       https://github.com/google/kasan.git usb-fuzzer
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=12525dc6e00000
> > > kernel config:  https://syzkaller.appspot.com/x/.config?x=79de80330003b5f7
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=d934a9036346e0215d8f
> > > compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> > > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=14ac7406e00000
> > > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=13eea39ae00000
> > > 
> > > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > > Reported-by: syzbot+d934a9036346e0215d8f@...kaller.appspotmail.com
> > > 
> > > usb 1-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors,
> > > different from the interface descriptor's value: 4
> > > usb 1-1: New USB device found, idVendor=13dc, idProduct=5611,
> > > bcdDevice=2f.15
> > > usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
> > > usb 1-1: config 0 descriptor??
> > > hwa-hc 1-1:0.0: Wire Adapter v106.52 newer than groked v1.0
> > > hwa-hc 1-1:0.0: FIXME: USB_MAXCHILDREN too low for WUSB adapter (194 ports)
> > > usb 1-1: BUG: bad host security descriptor; not enough data (4 vs 5 left)
> > > usb 1-1: supported encryption types: �S.Ё���|c.Ё����c.Ё���
> > > usb 1-1: E: host doesn't support CCM-1 crypto
> > > hwa-hc 1-1:0.0: Wireless USB HWA host controller
> > > hwa-hc 1-1:0.0: new USB bus registered, assigned bus number 11
> > 
> > wusb code, hah.  It's about to be deleted from the kernel because no one
> > uses it and there is no hardware out there.  I wouldn't spend a ton of
> > time fuzzing it.
> > 
> > One more good reason to just delete it soon...
> 
> Unfortunately that is not an option for the stable trees.

Well, we can just mark the thing as BROKEN.  I strongly doubt anyone is
using it as there is no hardware out there.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ