lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CANp29Y5duVTxPyB=O+nyi8r68iebvEQmcCGOapL5b8Qpym8keQ@mail.gmail.com>
Date:   Wed, 25 Oct 2023 09:12:20 +0200
From:   Aleksandr Nogikh <nogikh@...gle.com>
To:     Abagail ren <renzezhongucas@...il.com>
Cc:     krzysztof.kozlowski@...aro.org, davem@...emloft.net,
        edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        syzkaller@...glegroups.com, Dmitry Vyukov <dvyukov@...gle.com>
Subject: Re: KASAN: slab-use-after-free Read in nfc_llcp_unregister_device

Hi,

Please also note this report by syzbot:
https://syzkaller.appspot.com/bug?extid=81232c4a81a886e2b580

Its title is a bit different, but the stacktraces are the same. At the
bottom, you may also find KASAN crashes.

Judging by the "Discussions" block, there've been a couple of fix
attempts already, but they did not make it to the kernel.

-- 
Aleksandr

On Wed, Oct 25, 2023 at 9:03 AM Abagail ren <renzezhongucas@...il.com> wrote:
>
> Good day, dear maintainers.
>
> Since the email system replied that it refused to accept the email because the text contained HTML, I sent it to you again in the form of shared files.
>
> We found a bug using a modified kernel configuration file used by syzbot.
>
> We enhanced the probability of vulnerability discovery using our prototype system developed based on syzkaller and found a bug "' KASAN: slab-use-after-free Read in nfc_llcp_unregister_device." I'm still working on it to find out its root cause and availability.
>
> The stack information: https://docs.google.com/document/d/1gdHebCRsvVsSPKfilcoXVu3Pctvoj2FSZCACcVYZXns/edit?usp=sharing
>
> Kernel Branch: 6.4.0-rc3
>
> Kernel Config: https://docs.google.com/document/d/1WIM0btqS2dex18HQYaL2xyoW6WdX2TsaNguTnWzHMps/edit?usp=sharing
>
> Reproducer:  https://docs.google.com/document/d/1LrgGdOgZwO8wz0opusZ7flP9QSFZa32GdozvoxGysyY/edit?usp=sharing
>
> Thank you!
>
> Best regards,
> Ren Zezhong
>
> --
> You received this message because you are subscribed to the Google Groups "syzkaller" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller+unsubscribe@...glegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller/CALkECRjyG8AtbUunWFYErQethdyCfiNC2-ZHP6oVtO3%2BGHxahA%40mail.gmail.com.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ