lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date:   Wed, 13 Jan 2021 21:12:19 +0800
From:   慕冬亮 <mudongliangabcd@...il.com>
To:     davem@...emloft.net, kuznet@....inr.ac.ru,
        linux-kernel <linux-kernel@...r.kernel.org>,
        netdev@...r.kernel.org, yoshfuji@...ux-ipv6.org,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>
Subject: "WARNING: locking bug in do_ipv6_setsockopt" should share the same
 root cause with "WARNING: locking bug in do_ipv6_getsockopt"

I found that on the syzbot dashboard, “WARNING: locking bug in
do_ipv6_setsockopt”(https://syzkaller.appspot.com/bug?id=6a970baf20aa5a64455be86fb920f468def703c6)
and
"WARNING: locking bug in do_ipv6_getsockopt"
(https://syzkaller.appspot.com/bug?id=e97be0bf4d30813e951bcc6249e72c592a790164)
should share the same root cause.

The reason for my above statement is that their PoCs have a high
similarity except for the last syscall - "setsockopt vs getsockopt".
In the last syscall, when it invokes lock_sock(sk) and accesses
sk->sk_lock.slock, the WARNING happens.

If you can have any issues with this statement or our information is
useful to you, please let us know. Thanks very much.

--
My best regards to you.

     No System Is Safe!
     Dongliang Mu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ