lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Jan 2019 13:39:02 -0600 From: Willem de Bruijn <willemdebruijn.kernel@...il.com> To: syzbot <syzbot+4ad25edc7a33e4ab91e0@...kaller.appspotmail.com> Cc: David Miller <davem@...emloft.net>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, linux-kernel <linux-kernel@...r.kernel.org>, Network Development <netdev@...r.kernel.org>, syzkaller-bugs@...glegroups.com, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, sbrivio@...hat.com Subject: Re: kernel panic: stack is corrupted in udp4_lib_lookup2 On Thu, Jan 3, 2019 at 7:07 AM syzbot <syzbot+4ad25edc7a33e4ab91e0@...kaller.appspotmail.com> wrote: > > Hello, > > syzbot found the following crash on: > > HEAD commit: 195303136f19 Merge tag 'kconfig-v4.21-2' of git://git.kern.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=12245d8f400000 > kernel config: https://syzkaller.appspot.com/x/.config?x=5e7dc790609552d7 > dashboard link: https://syzkaller.appspot.com/bug?extid=4ad25edc7a33e4ab91e0 > compiler: gcc (GCC) 8.0.1 20180413 (experimental) > > Unfortunately, I don't have any reproducer for this crash yet. > > IMPORTANT: if you fix the bug, please add the following tag to the commit: > Reported-by: syzbot+4ad25edc7a33e4ab91e0@...kaller.appspotmail.com > > protocol 88fb is buggy, dev hsr_slave_1 > protocol 88fb is buggy, dev hsr_slave_0 > protocol 88fb is buggy, dev hsr_slave_1 > FAT-fs (loop0): invalid media value (0x00) > FAT-fs (loop0): Can't find a valid FAT filesystem > Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: This sounds similar to the stack corruption fixed recently in commit e7cc082455cb ("udp: Support for error handlers of tunnels ..."). That fix is for ipv4 gue_err(). ipv6 gue6_err() probably needs the same.
Powered by blists - more mailing lists