| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Jun 2020 13:03:05 +0800
From: butt3rflyh4ck <butterflyhuangxx@...il.com>
To: namjae.jeon@...sung.com, sj1557.seo@...sung.com
Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
syzkaller <syzkaller@...glegroups.com>
Subject: memory leak in exfat_parse_param
I report a bug (in linux-5.7.0-rc7) found by syzkaller.
kernel config: https://github.com/butterflyhack/syzkaller-fuzz/blob/master/config-v5.7.0-rc7
and can reproduce.
A param->string held by exfat_mount_options.
BUG: memory leak
unreferenced object 0xffff88801972e090 (size 8):
comm "syz-executor.2", pid 16298, jiffies 4295172466 (age 14.060s)
hex dump (first 8 bytes):
6b 6f 69 38 2d 75 00 00 koi8-u..
backtrace:
[<000000005bfe35d6>] kstrdup+0x36/0x70 mm/util.c:60
[<0000000018ed3277>] exfat_parse_param+0x160/0x5e0 fs/exfat/super.c:276
[<000000007680462b>] vfs_parse_fs_param+0x2b4/0x610 fs/fs_context.c:147
[<0000000097c027f2>] vfs_parse_fs_string+0xe6/0x150 fs/fs_context.c:191
[<00000000371bf78f>] generic_parse_monolithic+0x16f/0x1f0
fs/fs_context.c:231
[<000000005ce5eb1b>] do_new_mount fs/namespace.c:2812 [inline]
[<000000005ce5eb1b>] do_mount+0x12bb/0x1b30 fs/namespace.c:3141
[<00000000b642040c>] __do_sys_mount fs/namespace.c:3350 [inline]
[<00000000b642040c>] __se_sys_mount fs/namespace.c:3327 [inline]
[<00000000b642040c>] __x64_sys_mount+0x18f/0x230 fs/namespace.c:3327
[<000000003b024e98>] do_syscall_64+0xf6/0x7d0 arch/x86/entry/common.c:295
[<00000000ce2b698c>] entry_SYSCALL_64_after_hwframe+0x49/0xb3
Powered by blists - more mailing lists