| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <3C898B31-21E7-4DE6-BBE2-1F23B74005B0@m.fudan.edu.cn> Date: Tue, 7 Jan 2025 16:46:53 +0800 From: Kun Hu <huk23@...udan.edu.cn> To: Jan Kara <jack@...e.cz> Cc: jack@...e.com, linux-kernel@...r.kernel.org, "jjtan24@...udan.edu.cn" <jjtan24@...udan.edu.cn> Subject: Re: Use-after-free read in udf_add_fid_counter > 2025年1月6日 21:55,Jan Kara <jack@...e.cz> 写道: > > Hello! > > On Tue 24-12-24 16:15:00, kun wrote: >> When using fuzzer tool to fuzz the latest Linux kernel, the following crash >> was triggered. >> >> HEAD commit: 78d4f34e2115b517bcbfe7ec0d018bbbb6f9b0b8 >> git tree: upstream >> Console output: >> https://drive.google.com/file/d/1ehAmTGzOEnJi1DBbX2g9TMMQjVHeJpIY/view?usp=sharing >> Kernel config: >> https://drive.google.com/file/d/1RhT5dFTs6Vx1U71PbpenN7TPtnPoa3NI/view?usp=sharing >> C reproducer: >> https://drive.google.com/file/d/1_1e3UBDrx_Q0vAIQtQg2RDT2FerBc6ar/view?usp=sharing >> Syzlang reproducer: >> https://drive.google.com/file/d/1WEhTD0nI5YfX9zcaa8mYMC_G7Nv_4iZv/view?usp=sharing >> Similar report: https://lkml.org/lkml/2023/5/8/1159 > > Similarly as in the case of another UDF report, please make sure > CONFIG_BLK_DEV_WRITE_MOUNTED is disabled in the kernel used for fuzzing. > Thanks! > > Honza > -- > Jan Kara <jack@...e.com> > SUSE Labs, CR Again. This crash has not been reproduced after disable CONFIG_BLK_DEV_WRITE_MOUNTED. —— Thanks, Kun Hu
Powered by blists - more mailing lists