lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 4 Jul 2022 14:26:19 +0300
From:   Dan Carpenter <>
To:     Soumya Negi <>
        Xiaolong Huang <>,,
Subject: Re: Test patch for KASAN: global-out-of-bounds Read in

On Fri, Jul 01, 2022 at 06:08:29AM -0700, Soumya Negi wrote:
> #syz test: git://
> 3f8a27f9e27bd78604c0709224cec0ec85a8b106
> -- 
> You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> To view this discussion on the web visit

> From 3aa5aaffef64a5574cbdb3f5c985bc25b612140c Mon Sep 17 00:00:00 2001
> From: Soumya Negi <>
> Date: Fri, 1 Jul 2022 04:52:17 -0700
> Subject: [PATCH] isdn: capi: Add check for controller count in
>  detach_capi_ctr()
> Fixes Syzbot bug:
> This patch checks whether any ISDN devices are registered before unregistering
> a CAPI controller(device). Without the check, the controller struct capi_str
> results in out-of-bounds access bugs to other CAPI data strucures in
> detach_capri_ctr() as seen in the bug report.

This bug was already fixed by commit 1f3e2e97c003 ("isdn: cpai: check
ctr->cnr to avoid array index out of bound").

It just needs to be backported.  Unfortunately there was no Fixes tag so
it wasn't picked up.  Also I'm not sure how backports work in netdev.

dan carpenter

Powered by blists - more mailing lists