lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALAgD-5SgEFKD36qtMxWoFci0pLiPxC6Y9Z6rumBr7bGO3x9fQ@mail.gmail.com>
Date: Wed, 28 Aug 2024 16:40:45 -0700
From: Xingyu Li <xli399@....edu>
To: Joel Granados <j.granados@...sung.com>, Yu Hao <yhao016@....edu>
Cc: mcgrof@...nel.org, kees@...nel.org, linux-kernel@...r.kernel.org, 
	linux-fsdevel@...r.kernel.org
Subject: Re: BUG: general protection fault in put_links

We use syzkaller to fuzz the linux kernel, and this bug is triggered
during fuzzing. However, unfortunately, syzkaller did not generate
reproducing source codes.

On Tue, Aug 27, 2024 at 12:50 PM Joel Granados <j.granados@...sung.com> wrote:
>
> On Sat, Aug 24, 2024 at 10:04:54PM -0700, Xingyu Li wrote:
> > Hi,
> >
> > We found a bug in Linux 6.10. It is probably a null pointer reference bug.
> > The reason is probably that before line 123 of
> > fs/proc/proc_sysctl.c(entry = &head->ctl_table[ctl_node -
> > head->node];), there is no null pointer check for `head`.
> > The bug report is as follow:
>
> Thx for the report. How did you trigger it. Do you have code that
> triggers it?
>
> Best
>
> --
>
> Joel Granados



-- 
Yours sincerely,
Xingyu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ