Message-ID: <87zhcgw7ye.fsf@mellanox.com>
Date: Mon, 16 Mar 2020 18:00:41 +0100
From: Petr Machata <petrm@...lanox.com>
To: syzbot <syzbot+1b4ebf4dae4e510dd219@...kaller.appspotmail.com>
Cc: davem@...emloft.net, kuba@...nel.org, kuznet@....inr.ac.ru,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
syzkaller-bugs@...glegroups.com, yoshfuji@...ux-ipv6.org
Subject: Re: general protection fault in erspan_netlink_parms

I've got this reproduced; it happens when IFLA_INFO_DATA is not passed,
so "ip link add type erspan". The problem is that the commit referenced
below doesn't check data != NULL in the ERSPAN branch. I'll send a fix
later today.

syzbot <syzbot+1b4ebf4dae4e510dd219@...kaller.appspotmail.com> writes:
> syzbot has bisected this bug to:
>
> commit e1f8f78ffe9854308b9e12a73ebe4e909074fc33
> Author: Petr Machata <petrm@...lanox.com>
> Date: Fri Mar 13 11:39:36 2020 +0000
>
> net: ip_gre: Separate ERSPAN newlink / changelink callbacks
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=101477fde00000
> start commit: 0fda7600 geneve: move debug check after netdev unregister
> git tree: net
> final crash: https://syzkaller.appspot.com/x/report.txt?x=121477fde00000
> console output: https://syzkaller.appspot.com/x/log.txt?x=141477fde00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=c2e311dba9a02ba9
> dashboard link: https://syzkaller.appspot.com/bug?extid=1b4ebf4dae4e510dd219
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1627f955e00000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=111ac52de00000
>
> Reported-by: syzbot+1b4ebf4dae4e510dd219@...kaller.appspotmail.com
> Fixes: e1f8f78ffe98 ("net: ip_gre: Separate ERSPAN newlink / changelink callbacks")
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
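
Added example, not part of the original message or of the kernel source: a userspace C model of the case described above, where the parameter parser is handed data == NULL because the request carried no info-data attribute. Every demo_/DEMO_ name, the one-byte attribute layout and the two sample requests are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
/* Userspace model; every demo_/DEMO_ name is hypothetical, not kernel code.
 * Attribute: 1-byte total length, 1-byte type, payload (real netlink: 16-bit, padded). */
enum { DEMO_INFO_KIND = 1, DEMO_INFO_DATA = 2, DEMO_ERSPAN_VER = 1, DEMO_MAX = 2 };

/* Index attributes by type; an absent type leaves tb[type] == NULL. */
static int demo_parse(const uint8_t *buf, size_t len, const uint8_t **tb)
{
    for (int i = 0; i <= DEMO_MAX; i++)
        tb[i] = NULL;
    while (len >= 2) {
        if (buf[0] < 3 || buf[0] > len)
            return -1;                 /* empty, malformed or truncated */
        if (buf[1] <= DEMO_MAX)
            tb[buf[1]] = buf;
        len -= buf[0];
        buf += buf[0];
    }
    return len ? -1 : 0;               /* reject a trailing partial header */
}

/* data is NULL when the request carried no INFO_DATA attribute at all. */
static int demo_erspan_parms(const uint8_t **data, uint8_t *ver)
{
    *ver = 1;                          /* constructed default */
    if (!data)                         /* the data != NULL check from the message */
        return 0;
    if (data[DEMO_ERSPAN_VER])
        *ver = data[DEMO_ERSPAN_VER][2];
    return 0;
}

static int demo_newlink(const uint8_t *msg, size_t len, uint8_t *ver)
{
    const uint8_t *info[DEMO_MAX + 1], *nested[DEMO_MAX + 1], **data = NULL, *d;
    if (demo_parse(msg, len, info) < 0)
        return -1;
    d = info[DEMO_INFO_DATA];
    if (d) {                           /* data stays NULL when INFO_DATA is absent */
        if (demo_parse(d + 2, (size_t)d[0] - 2, nested) < 0)
            return -1;
        data = nested;
    }
    return demo_erspan_parms(data, ver);
}
/* Constructed requests: kind "erspan" alone, then with INFO_DATA{VER=2}. */
static const uint8_t demo_no_data[] = { 8, 1, 'e', 'r', 's', 'p', 'a', 'n' };
static const uint8_t demo_with_data[] = { 8, 1, 'e', 'r', 's', 'p', 'a', 'n', 5, 2, 3, 1, 2 };
```

Without the `if (!data)` guard, the first request would index through a NULL pointer in demo_erspan_parms, which is the shape of the fault reported in this thread.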