Message-ID: <CAB7eexKKeOxgZ6uh7WXJcui71_uOMeYr8+=Hfb0-Gi4h8JMmEw@mail.gmail.com>
Date: Wed, 21 Sep 2022 23:45:17 +0800
From: Rondreis <linhaoguo86@...il.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org, linux-usb@...r.kernel.org,
johan@...nel.org
Subject: Re: KASAN: use-after-free Write in keyspan_close

Thank you for your reply!

This is a “fake” device. We emulated some functions with the built-in
gadget module as a virtual device side for fuzzing. It can pass through
the matching phase and, to some extent, the probing phase.

As you said, the configuration options are correct.

After a successful attachment, we extracted the file_operations
of the device files on both sides to find the corresponding system calls.
Later, by fuzzing the dual-sided device with system calls, it is
equivalent to considering data threats from both peripheral and user space.

We are open to any suggestions and hope to submit a patch capable
of fixing this bug in the near future.

Best Regards,
Rondreis