| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 16 Mar 2022 09:01:18 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Dmitry Vyukov <dvyukov@...gle.com>
Cc: syzbot <syzbot+3f1ca6a6fec34d601788@...kaller.appspotmail.com>,
Andrey Konovalov <andreyknvl@...gle.com>,
ath9k-devel@....qualcomm.com, chouhan.shreyansh630@...il.com,
David Miller <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Kalle Valo <kvalo@...eaurora.org>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
"open list:USB GADGET/PERIPHERAL SUBSYSTEM"
<linux-usb@...r.kernel.org>,
linux-wireless <linux-wireless@...r.kernel.org>,
Masahiro Yamada <masahiroy@...nel.org>,
Michal Marek <michal.lkml@...kovi.net>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Netdev <netdev@...r.kernel.org>,
syzkaller-bugs <syzkaller-bugs@...glegroups.com>,
Zekun Shen <bruceshenzk@...il.com>
Subject: Re: [syzbot] KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3)
On Wed, Mar 16, 2022 at 12:45 AM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>
> But the bug looks to be fixed by something anyway. git log on the file
> pretty clearly points to:
>
> #syz fix: ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
Yeah, that commit 6ce708f54cc8 looks a lot more likely to have any
effect on this than my version bump that the syzbot bisection pointed
to.
But kernels containing that commit still have that
run #0: crashed: KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
so apparently it isn't actually fully fixed. ;(
Linus
Powered by blists - more mailing lists