| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024120410-overact-rocking-fe93@gregkh> Date: Wed, 4 Dec 2024 10:41:52 +0100 From: Greg KH <gregkh@...uxfoundation.org> To: wzs <wangzhengshu39@...il.com> Cc: rafael@...nel.org, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org, stable@...r.kernel.org Subject: Re: kernel v6.7 warn in add_uevent_var: buffer size too small On Wed, Dec 04, 2024 at 05:29:26PM +0800, wzs wrote: > Hello, > when fuzzing the Linux kernel 6.7.0, > the following crash was triggered. > > kernel config : https://pastebin.com/3JeQFdUr > console output : https://pastebin.com/9ADtBQtP > > Basically, we use gadget module to simulate the connection and interaction > process of a USB device > (device type code : 0003, vendor id : 046D, product id : C312, serial > number : 27B4, with function : input event). > > It seems to be caused by a mismatch between the uevent's environmental > limit and the buffer size used to receive the uevent, which triggers such > kernel warning. > > The crash report is as follow: > 、、、 > [203835.102225] input: wingfuz Keyboard as > /devices/platform/dummy_hcd.0/usb3/3-1/3-1:1.0/0003:046D:C312.27B4/input/input5893 > [203835.155527] ------------[ cut here ]------------ > [203835.155533] add_uevent_var: buffer size too small > [203835.162092] WARNING: CPU: 11 PID: 57434 at lib/kobject_uevent.c:671 > add_uevent_var+0x2fe/0x390 I think this is already fixed in newer kernel versions. 6.7.0 is very old and obsolete. Can you test this on 6.12.1? thanks, greg k-h
Powered by blists - more mailing lists