lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 24 Jul 2020 05:34:37 +0530
From:   "\\xcH3332\\" <ch3332xr@...il.com>
To:     netdev@...r.kernel.org
Cc:     syzkaller@...glegroups.com
Subject: memory leak in ipv6_sock_ac_join ( 5.8.0-rc6+)

Hi,

SYZKALLER found the following Memory Leak

------------------------------------------------------------------------------------------------------------------------------

0c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, @perf_config_ext={0x8001}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup3(r5, r1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0,
0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
BUG: memory leak
unreferenced object 0xffff946ef4cd0820 (size 32):
  comm "syz-executor.3", pid 24119, jiffies 4296661978 (age 8.277s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    02 00 00 00 6e 94 ff ff 00 00 00 00 00 00 00 00  ....n...........
  backtrace:
    [<00000000358d188e>] sock_kmalloc+0x48/0x80
    [<00000000f0b49aaa>] ipv6_sock_ac_join+0xf0/0x2d0
    [<00000000e7eb8c7b>] do_ipv6_setsockopt.isra.13+0x1f8c/0x2480
    [<00000000189f00a5>] ipv6_setsockopt+0x82/0xe0
    [<00000000e8fa8f58>] tcp_setsockopt+0x43/0x70
    [<000000009c7a573c>] __sys_setsockopt+0x99/0x120
    [<000000005d9f02b3>] __x64_sys_setsockopt+0x22/0x30
    [<00000000a224b2b0>] do_syscall_64+0x3e/0x70
    [<00000000d5d5281c>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff946ef4cd05e0 (size 32):
  comm "syz-executor.3", pid 24119, jiffies 4296661980 (age 8.276s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    02 00 00 00 6e 94 ff ff 00 00 00 00 00 00 00 00  ....n...........
  backtrace:
    [<00000000358d188e>] sock_kmalloc+0x48/0x80
    [<00000000f0b49aaa>] ipv6_sock_ac_join+0xf0/0x2d0
    [<00000000e7eb8c7b>] do_ipv6_setsockopt.isra.13+0x1f8c/0x2480
    [<00000000189f00a5>] ipv6_setsockopt+0x82/0xe0
    [<00000000e8fa8f58>] tcp_setsockopt+0x43/0x70
    [<000000009c7a573c>] __sys_setsockopt+0x99/0x120
    [<000000005d9f02b3>] __x64_sys_setsockopt+0x22/0x30
    [<00000000a224b2b0>] do_syscall_64+0x3e/0x70
    [<00000000d5d5281c>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

-------------------------------------------------------------------------------------------------------------------------------

Download attachment "syz.config" of type "application/octet-stream" (129020 bytes)

Download attachment "syzrepro.prog" of type "application/octet-stream" (654 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ