lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4ab69855-6112-52f4-bee2-3358664d0c20@samsung.com>
Date:   Tue, 28 Jan 2020 15:58:04 +0100
From:   Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>
To:     Petr Mladek <pmladek@...e.com>, anon anon <742991625abc@...il.com>
Cc:     wangkefeng.wang@...wei.com, sergey.senozhatsky@...il.com,
        syzkaller@...glegroups.com, linux-kernel@...r.kernel.org,
        dri-devel@...ts.freedesktop.org, linux-fbdev@...r.kernel.org
Subject: Re: KASAN: slab-out-of-bounds Write in vgacon_scroll


On 1/28/20 1:49 PM, Petr Mladek wrote:
> On Tue 2020-01-28 18:23:46, anon anon wrote:
>> Dear Linux kernel developers,
>>
>> I found the crash "KASAN: slab-out-of-bounds Write in vgacon_scroll"
>> when running syzkaller, hope it's unknown:
>>
>> Linux version: Linux v4.17-rc4 (75bc37fefc44)
>> Branch: master
>>
>> This crash still exists on the latest linux kernel Linux v5.5-rc6.
>> Please get C repo and crash log generated by syzkaller, as well as the
>> .config I used for linux kernel from the attachment. Thanks.
> 
> The out-of-bound access seems to be in vgacon_scroll() and thus
> in vgacon code.
> 
> Unfortunately, most people in CC are printk-guys. They were mentioned
> by ./scripts/get_maintainer.pl -f drivers/video/console/vgacon.c
> just because the very last comment (tree wide pr_warning() clean up).
> 
> Bartolomej seems to be the only relevant name.
> 
> Bartolomej,
> 
> are you going to look at it? Or should we add more people or some list

Help is welcomed as I'm not going to look at it in the foreseeable future
(I'm busy enough with other things).

> (dri-devel@...ts.freedesktop.org or linux-fbdev@...r.kernel.org) into CC?

Added to Cc:, thanks.

> Thanks,
> Petr

Best regards,
--
Bartlomiej Zolnierkiewicz
Samsung R&D Institute Poland
Samsung Electronics

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ