Message-ID: <20250129165631.50e9e58d@kernel.org>
Date: Wed, 29 Jan 2025 16:56:31 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Abdullah <asharji1828@...il.com>
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
skhan@...uxfoundation.org, davem@...emloft.net, dsahern@...nel.org,
edumazet@...gle.com, horms@...nel.org, pabeni@...hat.com,
syzkaller-bugs@...glegroups.com,
syzbot+5cfae50c0e5f2c500013@...kaller.appspotmail.com
Subject: Re: [PATCH v3] net: ipmr: Fix out-of-bounds access in mr_mfc_uses_dev()

On Wed, 29 Jan 2025 12:50:17 +0400 Abdullah wrote:
> The issue was reported by Syzbot as an out-of-bounds read:
> UBSAN: array-index-out-of-bounds in net/ipv4/ipmr_base.c:289:10
> Index -772737152 is out of range for type 'const struct vif_device[32]'
>
> The problem occurs when the minvif/maxvif values in the mr_mfc struct
> become invalid (possibly due to memory corruption or uninitialized values).
> This patch fixes the issue by ensuring proper boundary checks and rcu_read
> locking before accessing vif_table[] in mr_mfc_uses_dev().
>
> Fixes: <COMMIT_HASH>
> Reported-by: syzbot+5cfae50c0e5f2c500013@...kaller.appspotmail.com
> Signed-off-by: Abdullah <asharji1828@...il.com>

Could you explain what you're trying to do here?

Are you just tossing patches to test at syzbot? If yes, please remove
the unnecessary CCs, reply directly to the syzbot address, there is no
need to spam the mailing lists.

Or do you mean this as a real submission? In which case why is there
<COMMIT_HASH> instead of the correct commit? The entire submission
feels a little.. LLM-aided.
--
pw-bot: cr