lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <20251107041002.2091584-1-kriish.sharma2006@gmail.com>
Date: Fri,  7 Nov 2025 04:10:02 +0000
From: Kriish Sharma <kriish.sharma2006@...il.com>
To: Jason Gunthorpe <jgg@...pe.ca>,
	Leon Romanovsky <leon@...nel.org>,
	Vlad Dumitrescu <vdumitrescu@...dia.com>,
	Parav Pandit <parav@...dia.com>,
	Edward Srouji <edwards@...dia.com>
Cc: linux-rdma@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Kriish Sharma <kriish.sharma2006@...il.com>,
	syzbot+938fcd548c303fe33c1a@...kaller.appspotmail.com
Subject: [PATCH] RDMA/core: Fix uninitialized gid in ib_nl_process_good_ip_rsep()

KMSAN reported a use of uninitialized memory in hex_byte_pack()
via ip6_string() when printing %pI6 from ib_nl_handle_ip_res_resp().
If the LS_NLA_TYPE_DGID attribute is missing, 'gid' remains
uninitialized before being used in pr_info(), leading to a
KMSAN uninit-value report.

Reported-by: syzbot+938fcd548c303fe33c1a@...kaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=938fcd548c303fe33c1a
Fixes: ae43f8286730 ("IB/core: Add IP to GID netlink offload")
Signed-off-by: Kriish Sharma <kriish.sharma2006@...il.com>
---
 drivers/infiniband/core/addr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/infiniband/core/addr.c b/drivers/infiniband/core/addr.c
index 61596cda2b65..4c602fcae12f 100644
--- a/drivers/infiniband/core/addr.c
+++ b/drivers/infiniband/core/addr.c
@@ -99,7 +99,7 @@ static inline bool ib_nl_is_good_ip_resp(const struct nlmsghdr *nlh)
 static void ib_nl_process_good_ip_rsep(const struct nlmsghdr *nlh)
 {
 	const struct nlattr *head, *curr;
-	union ib_gid gid;
+	union ib_gid gid = {};
 	struct addr_req *req;
 	int len, rem;
 	int found = 0;
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ