lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2024111921-launch-countdown-a813@gregkh>
Date: Tue, 19 Nov 2024 10:30:30 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Juefei Pu <juefei.pu@...il.ucr.edu>
Cc: jirislaby@...nel.org, linux-kernel@...r.kernel.org,
	linux-serial@...r.kernel.org
Subject: Re: BUG: KASAN: slab-use-after-free Read in gsm_dlci_config

On Mon, Nov 18, 2024 at 09:22:54PM -0800, Juefei Pu wrote:
> Hello,
> We found the following issue using syzkaller on Linux v6.11.
> In function `gsm_dlci_config`, a use-after-free on object `dlci` has
> been detected.
> Since the reproducer takes around 10 seconds to trigger the bug, it
> might be a race condition one.

There are so many race conditions and other known-broken things in this
driver, please see the mailing list archives for the details.  It's well
documented that no one should be using this code unless you have the
hardware and know how to lock down your system for it.

That being said, patches are gladly accepted to resolve these issues,
please send them as you have a working reproducer!

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ