| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <877c9z9e3x.fsf@cloudflare.com> Date: Wed, 23 Oct 2024 14:51:30 +0200 From: Jakub Sitnicki <jakub@...udflare.com> To: Ruan Bonan <bonan.ruan@...us.edu> Cc: "john.fastabend@...il.com" <john.fastabend@...il.com>, "davem@...emloft.net" <davem@...emloft.net>, "edumazet@...gle.com" <edumazet@...gle.com>, "kuba@...nel.org" <kuba@...nel.org>, "pabeni@...hat.com" <pabeni@...hat.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "bpf@...r.kernel.org" <bpf@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "syzkaller@...glegroups.com" <syzkaller@...glegroups.com> Subject: Re: [BUG] general protection fault in sock_map_link_update_prog - Reproducible with Syzkaller On Tue, Oct 22, 2024 at 02:36 AM GMT, Ruan Bonan wrote: > I used Syzkaller and found that there is KASAN: null-ptr-deref (general protection fault in > sock_map_link_update_prog) in net/core/sock_map.c in v6.12.0-rc2, which also causes a KASAN: > slab-use-after-free at the same time. It looks like a concurrency bug in the BPF related subsystems. The > reproducer is available, and I have reproduced this bug with it manually. Currently I can only reproduce this > bug with root privilege. > > The detailed reports, config file, and reproducer program are attached in this e-mail. If you need further > details, please let me know. Thanks for the report. I was also able to reproduce the KASAN splat with the attached repro locally and will investigate futher. I have a small ask - please use plain text for mailing the list in the future - https://useplaintext.email/ -jkbs
Powered by blists - more mailing lists