Message-ID: <YuIyKjvQ0vOeRWhl@kroah.com>
Date:   Thu, 28 Jul 2022 08:52:26 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Dipanjan Das <mail.dipanjan.das@...il.com>
Cc:     dhowells@...hat.com, sashal@...nel.org, fmdefrancesco@...il.com,
        edumazet@...gle.com, linux-kernel@...r.kernel.org,
        syzkaller@...glegroups.com, fleischermarius@...glemail.com,
        its.priyanka.bose@...il.com
Subject: Re: KASAN: use-after-free Read in post_one_notification

On Wed, Jul 27, 2022 at 02:28:45PM -0700, Dipanjan Das wrote:
> Hi,
> 
> We would like to report the following bug which has been found by our
> modified version of syzkaller.
> 
> ======================================================
> description: KASAN: use-after-free Read in post_one_notification
> affected file: kernel/watch_queue.c
> kernel version: 5.10.131
> kernel commit: 8f95261a006489c828f1d909355669875649668b
> git tree: upstream
> kernel config: https://syzkaller.appspot.com/x/.config?x=e49433cfed49b7d9
> crash reproducer: attached
> patch: This bug was previously reported by syzkaller for kernel
> version 5.17. The same patch works for kernel version 5.10 as well,
> i.e., we tested that the repro can no longer trigger the reported
> crash with this patch:
> https://syzkaller.appspot.com/text?tag=Patch&x=13b8c83c080000

I'm sorry, I do not understand.  So this is fixed in Linus's tree?  But
not in 5.10.y?  Or it is not fixed everywhere?

If it is fixed, what is the git commit id of the patch in Linus's tree
that fixes this that should be backported to 5.10.y?

confused,

greg k-h
