Open Source and information security mailing list archives
 
Message-ID: <19b5b9b3-5243-459b-a264-257f9c8324ec@huawei.com>
Date: Mon, 15 Dec 2025 09:54:27 +0800
From: Baokun Li <libaokun1@...wei.com>
To: 余昊铖 <3230100410@....edu.cn>
CC: <security@...nel.org>, <linux-ext4@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] ext4: Fix KASAN use-after-free in ext4_find_extent

Hi,

On 2025-12-09 20:27, 余昊铖 wrote:
> Hello,
>
>
> I would like to report a potential security issue in the Linux kernel ext4 filesystem, which I found using a modified syzkaller-based kernel fuzzing tool that I developed.
>
I noticed that your configuration has CONFIG_BLK_DEV_WRITE_MOUNTED enabled.

This setting allows bare writes to an already mounted ext4 filesystem,
meaning certain ext4 metadata (like extent tree blocks) can be modified
without the filesystem being aware of the changes.

Could you please try disabling CONFIG_BLK_DEV_WRITE_MOUNTED and see
if the issue is still reproducible?


Cheers,
Baokun
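
For triaging a fuzzer report like this one, the check suggested in the reply can be done on the kernel config before re-running the reproducer. This is an added example, not part of the original message; the function name and the sample config contents are constructed, and treating a missing option as "absent" (a kernel that predates the option) is an assumption.

```shell
#!/bin/sh
# Classify CONFIG_BLK_DEV_WRITE_MOUNTED in a kernel config file.
# Prints one of: enabled | disabled | absent
write_mounted_state() {
    cfg=$1
    opt=CONFIG_BLK_DEV_WRITE_MOUNTED
    # Accept gzip-compressed configs (e.g. a copy of /proc/config.gz) too.
    case $cfg in
        *.gz) reader="gzip -dc" ;;
        *)    reader="cat" ;;
    esac
    $reader "$cfg" | awk -v opt="$opt" '
        $0 == (opt "=y")               { state = "enabled" }
        $0 == ("# " opt " is not set") { state = "disabled" }
        END { print (state ? state : "absent") }'
}

# Constructed sample configs, not taken from the report in this thread.
demo() {
    d=$(mktemp -d)
    printf 'CONFIG_EXT4_FS=y\nCONFIG_BLK_DEV_WRITE_MOUNTED=y\n' > "$d/fuzz.config"
    printf 'CONFIG_EXT4_FS=y\n# CONFIG_BLK_DEV_WRITE_MOUNTED is not set\n' > "$d/hardened.config"
    for f in "$d"/*.config; do
        # "enabled" means raw writes to the mounted block device are allowed,
        # so on-disk metadata can change underneath the filesystem.
        printf '%s: %s\n' "${f##*/}" "$(write_mounted_state "$f")"
    done
    rm -rf "$d"
}

demo
```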

