| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Feb 2018 10:35:55 -0500
From: Sowmini Varadhan <sowmini.varadhan@...cle.com>
To: Dmitry Vyukov <dvyukov@...gle.com>
Cc: syzbot <syzbot+bbd8e9a06452cc48059b@...kaller.appspotmail.com>,
David Miller <davem@...emloft.net>,
LKML <linux-kernel@...r.kernel.org>, linux-rdma@...r.kernel.org,
netdev <netdev@...r.kernel.org>, rds-devel@....oracle.com,
Santosh Shilimkar <santosh.shilimkar@...cle.com>,
syzkaller-bugs@...glegroups.com
Subject: Re: KASAN: use-after-free Read in rds_tcp_tune
On (02/14/18 16:28), Dmitry Vyukov wrote:
> syzbot is probably not seeing this problem. However if you don't add
> the Reported-by tag to commit, nor provide syz fix tag, it will
> consider it as "open". One consequence of this is that it is still on
> our radars. Another consequence is that syzbot will never report bugs
> in rds_tcp_tune ever again as it thinks that it's the same known bug,
> so no point in bothering anybody.
understood, I think I saw this in the original syzbot mail as well,
but I was hesitant to actually add the tag because the fix was
based on code-inspection only, and I would have felt more comfortable
about asserting the Reported-by if I'd done a clear-cut before/after
verification.
btw, checkpatch.pl complains about the syzbot*@...kaller.appspotmail.com
addresses as "Unrecognized email address", we should fix that
error from checkpatch at some point.
--Sowmini
Powered by blists - more mailing lists