lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200422203430.GA52250@roeck-us.net>
Date:   Wed, 22 Apr 2020 13:34:30 -0700
From:   Guenter Roeck <linux@...ck-us.net>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
        akpm@...ux-foundation.org, shuah@...nel.org, patches@...nelci.org,
        ben.hutchings@...ethink.co.uk, lkft-triage@...ts.linaro.org,
        stable@...r.kernel.org
Subject: Re: [PATCH 4.9 000/125] 4.9.220-rc1 review

On Wed, Apr 22, 2020 at 11:55:17AM +0200, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.9.220 release.
> There are 125 patches in this series, all will be posted as a response
> to this one.  If anyone has any issues with these being applied, please
> let me know.
> 
> Responses should be made by Fri, 24 Apr 2020 09:48:23 +0000.
> Anything received after that time might be too late.
> 

I see a number of unit test crashes in ppc images. Looks like UAF.
This affects 4.4.y, 4.9.y, and 4.14.y. I'll bisect.

Guenter

---
BUG: Unable to handle kernel data access at 0x6b6b6b6b6b6b6b6b
Faulting instruction address: 0xc0000000006651dc
Oops: Kernel access of bad area, sig: 11 [#1]
PREEMPT SMP NR_CPUS=32 
PowerMac
Modules linked in:
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.9.220-rc1-00126-gf6cef26 #1
task: c00000003c1c8010 task.stack: c00000003c1c4000
NIP: c0000000006651dc LR: c00000000066824c CTR: c000000000668230
REGS: c00000003c1c7320 TRAP: 0380   Not tainted  (4.9.220-rc1-00126-gf6cef26)
MSR: 800000000000b032 <SF,EE,FP,ME,IR,DR,RI>  CR: 28004448  XER: 00000000
SOFTE: 0 
GPR00: 00000000743a2027 c00000003c1c75a0 c0000000011e1000 c000000001e926cc 
GPR04: c000000001e92aa0 c000000001e92aa0 04ffffff000affff 0000000000000000 
GPR08: c0000000006646b0 ffffffffffffffff 6b6b6b6b6b6b6b6b 0000000000000001 
GPR12: 0000000044004448 c00000000fff9000 c00000000000ffc0 0000000000000000 
GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 
GPR20: c00000003c1c7878 0000000000000000 0000000000000002 c00000003c1c7880 
GPR24: c000000000e506ae 0000000000000025 c000000001e926c0 0000000000000020 
GPR28: 00000000000003e0 c000000001e92aa0 c000000000e506ae c000000001e926cc 
NIP [c0000000006651dc] .string+0x1c/0xe0
LR [c00000000066824c] .vsnprintf+0x1ac/0x490
Call Trace:
[c00000003c1c75a0] [c00000003a512af8] 0xc00000003a512af8 (unreliable)
[c00000003c1c7670] [c000000000668548] .vscnprintf+0x18/0x60
[c00000003c1c76f0] [c0000000001386cc] .vprintk_emit+0x12c/0x6d0
[c00000003c1c77c0] [c000000000bc3d84] .printk+0xa0/0xbc
[c00000003c1c7840] [c00000000065a9b0] .kobject_put+0x150/0x170
[c00000003c1c78d0] [c0000000009819bc] .of_node_put+0x2c/0x50
[c00000003c1c7950] [c000000000f7998c] .of_unittest_changeset+0x710/0x75c
[c00000003c1c7b00] [c000000000f7c280] .of_unittest+0x22b8/0x2978
[c00000003c1c7c20] [c00000000000f554] .do_one_initcall+0x64/0x1e0
[c00000003c1c7d00] [c000000000f236a8] .kernel_init_freeable+0x298/0x38c
[c00000003c1c7db0] [c00000000000ffe4] .kernel_init+0x24/0x160
[c00000003c1c7e30] [c00000000000c330] .ret_from_kernel_thread+0x58/0x68
Instruction dump:
4b9f3c45 60000000 e80100a0 7c0803a6 4bffffd4 2ba50fff 7caa2b78 7cc90734 
7c852378 409d0030 2fa90000 419e00b8 <890a0000> 394a0001 2fa80000 419e00a8 
---[ end trace f5bca90605285cbd ]---

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ