lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 18 Aug 2021 10:57:36 +0200
From:   Matthieu Baerts <matthieu.baerts@...sares.net>
To:     Pavel Skripkin <paskripkin@...il.com>,
        syzbot <syzbot+7b938780d5deeaaf938f@...kaller.appspotmail.com>,
        davem@...emloft.net, johan.hedberg@...il.com, kuba@...nel.org,
        linux-bluetooth@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, luiz.dentz@...il.com,
        marcel@...tmann.org, mathew.j.martineau@...ux.intel.com,
        netdev@...r.kernel.org, pabeni@...hat.com,
        syzkaller-bugs@...glegroups.com, viro@...iv.linux.org.uk
Subject: Re: [syzbot] KFENCE: use-after-free in kvm_fastop_exception

On 18/08/2021 10:55, Pavel Skripkin wrote:
> On 8/18/21 11:21 AM, Matthieu Baerts wrote:
>> Hi Pavel,
>>
> [snip]
>>>>
>>>> I'm pretty sure the commit c4512c63b119 ("mptcp: fix 'masking a bool'
>>>> warning") doesn't introduce the reported bug. This minor fix is
>>>> specific
>>>> to MPTCP which doesn't seem to be used here.
>>>>
>>>> I'm not sure how I can tell syzbot this is a false positive.
>>>>
>>>
>>>
>>> looks like it's fs/namei bug. Similar reports:
>>>
>>> https://syzkaller.appspot.com/bug?id=517fa734b92b7db404c409b924cf5c997640e324
>>>
>>>
>>>
>>> https://syzkaller.appspot.com/bug?id=484483daf3652b40dae18531923aa9175d392a4d
>>>
>>
>> Thank you for having checked!
>> Should we mark them as "#syz dup" if you think they have the same root
>> cause?
>>
> 
> I think, yes, but I want to receive feedback from fs people about this
> bug. There were huge updates last month, and, maybe, I am missing some
> details. Alloc/free calltrace is the same, but anyway, I want some
> confirmation to not close different bugs by mistake :)
> 
> If these bugs really have same root case I will close them manually
> after fix posted.

Thank you for the explanation. Sounds good to me!

Cheers,
Matt
-- 
Tessares | Belgium | Hybrid Access Solutions
www.tessares.net

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ