Message-ID: <3c54df5e.436a9.19b21b55d21.Coremail.3230100410@zju.edu.cn>
Date: Mon, 15 Dec 2025 19:11:32 +0800 (GMT+08:00)
From: 余昊铖 <3230100410@....edu.cn>
To: "Baokun Li" <libaokun1@...wei.com>
Cc: security@...nel.org, linux-ext4@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: Re: [PATCH] ext4: Fix KASAN use-after-free in ext4_find_extent
Hi,
I have disabled CONFIG_BLK_DEV_WRITE_MOUNTED and spent some time trying to trigger the reported KASAN issues. And I found neither of the two bugs has been observed since. Is this issue still worth investigating?
Thanks,
Haocheng Yu
> Hi,
>
> On 2025-12-09 20:27, 余昊铖 wrote:
> > Hello,
> >
> >
> > I would like to report a potential security issue in the Linux kernel ext4 filesystem, which I found using a modified syzkaller-based kernel fuzzing tool that I developed.
> >
> I noticed that your configuration has CONFIG_BLK_DEV_WRITE_MOUNTED enabled.
>
> This setting allows bare writes to an already mounted ext4 filesystem,
> meaning certain ext4 metadata (like extent tree blocks) can be modified
> without the filesystem being aware of the changes.
>
> Could you please try disabling CONFIG_BLK_DEV_WRITE_MOUNTED and see
> if the issue is still reproducible?
>
>
> Cheers,
> Baokun
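
An added example, not part of the thread or of anyone's posted code: a check a fuzzing setup could run to tell whether writes to a mounted block device are permitted, which is the condition Baokun asks about. It assumes the kernel config and boot command line are passed in as text, and it also honours the `bdev_allow_write_mounted=` boot parameter, which overrides the build-time default and is not mentioned in the thread.

```shell
#!/bin/sh
# write_mounted_allowed CONFIG_TEXT CMDLINE_TEXT
# Prints "allowed" if block devices can be opened for writing while mounted,
# "blocked" otherwise. Runs in a subshell so 'set -f' does not leak out.
write_mounted_allowed() (
    config_text=$1
    cmdline=$2
    set -f   # do not glob-expand words taken from the command line

    # Assumption: CONFIG_TEXT is the complete kernel config. If the option
    # is not mentioned at all, the kernel predates it and never restricts
    # such writes; the boot parameter does not exist there either.
    if ! printf '%s\n' "$config_text" | grep -q 'CONFIG_BLK_DEV_WRITE_MOUNTED'; then
        echo allowed
        return 0
    fi

    # Build-time default.
    if printf '%s\n' "$config_text" | grep -q '^CONFIG_BLK_DEV_WRITE_MOUNTED=y$'; then
        state=allowed
    else
        state=blocked
    fi

    # Boot-time override: parsed as a kernel boolean, last occurrence wins,
    # an unparsable value leaves the current state unchanged.
    for arg in $cmdline; do
        case $arg in
            bdev_allow_write_mounted=*)
                val=${arg#bdev_allow_write_mounted=}
                case $val in
                    [yYtT1]*|[oO][nN]*) state=allowed ;;
                    [nNfF0]*|[oO][fF]*) state=blocked ;;
                esac ;;
        esac
    done
    echo "$state"
)

# On a live system (needs CONFIG_IKCONFIG_PROC for /proc/config.gz):
#   write_mounted_allowed "$(zcat /proc/config.gz)" "$(cat /proc/cmdline)"
```

A result of `allowed` on a fuzzing target means reports such as corrupted extent tree blocks can come from raw writes underneath the mounted filesystem rather than from ext4 itself.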