lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 12 Aug 2022 10:04:26 -0700
From:   syzbot <>
Subject: [syzbot] memory leak in netlink_policy_dump_add_policy


syzbot found the following issue on:

HEAD commit:    4e23eeebb2e5 Merge tag 'bitmap-6.0-rc1' of https://github...
git tree:       upstream
console output:
kernel config:
dashboard link:
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:
C reproducer:

IMPORTANT: if you fix the issue, please add the following tag to the commit:

executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888113093f00 (size 192):
  comm "syz-executor228", pid 3636, jiffies 4294947950 (age 12.750s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 0a 00 00 00 00 00 00 00  ................
    40 53 fd 84 ff ff ff ff 40 01 00 00 00 00 00 00  @S......@.......
    [<ffffffff83a0e378>] kmalloc include/linux/slab.h:600 [inline]
    [<ffffffff83a0e378>] kzalloc include/linux/slab.h:733 [inline]
    [<ffffffff83a0e378>] alloc_state net/netlink/policy.c:104 [inline]
    [<ffffffff83a0e378>] netlink_policy_dump_add_policy+0x198/0x1f0 net/netlink/policy.c:135
    [<ffffffff83a0d78d>] ctrl_dumppolicy_start+0x15d/0x290 net/netlink/genetlink.c:1173
    [<ffffffff83a0abf8>] genl_start+0x148/0x210 net/netlink/genetlink.c:596
    [<ffffffff83a0756a>] __netlink_dump_start+0x20a/0x440 net/netlink/af_netlink.c:2370
    [<ffffffff83a0a38e>] genl_family_rcv_msg_dumpit+0x15e/0x190 net/netlink/genetlink.c:678
    [<ffffffff83a0b1d5>] genl_family_rcv_msg net/netlink/genetlink.c:772 [inline]
    [<ffffffff83a0b1d5>] genl_rcv_msg+0x225/0x2c0 net/netlink/genetlink.c:792
    [<ffffffff83a09807>] netlink_rcv_skb+0x87/0x1d0 net/netlink/af_netlink.c:2501
    [<ffffffff83a0a214>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:803
    [<ffffffff83a08977>] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
    [<ffffffff83a08977>] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345
    [<ffffffff83a08e36>] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921
    [<ffffffff8385aea6>] sock_sendmsg_nosec net/socket.c:714 [inline]
    [<ffffffff8385aea6>] sock_sendmsg+0x56/0x80 net/socket.c:734
    [<ffffffff8385b40c>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482
    [<ffffffff8385fd08>] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536
    [<ffffffff8385fe98>] __sys_sendmsg+0x88/0x100 net/socket.c:2565
    [<ffffffff845d8535>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff845d8535>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84600087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

This report is generated by a bot. It may contain errors.
See for more information about syzbot.
syzbot engineers can be reached at

syzbot will keep track of this issue. See: for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:

Powered by blists - more mailing lists