| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Aug 2022 10:04:26 -0700
From: syzbot <syzbot+dc54d9ba8153b216cae0@...kaller.appspotmail.com>
To: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
pabeni@...hat.com, syzkaller-bugs@...glegroups.com
Subject: [syzbot] memory leak in netlink_policy_dump_add_policy
Hello,
syzbot found the following issue on:
HEAD commit: 4e23eeebb2e5 Merge tag 'bitmap-6.0-rc1' of https://github...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=165f4f6a080000
kernel config: https://syzkaller.appspot.com/x/.config?x=3a433c7a2539f51c
dashboard link: https://syzkaller.appspot.com/bug?extid=dc54d9ba8153b216cae0
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1443be71080000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=11e5918e080000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dc54d9ba8153b216cae0@...kaller.appspotmail.com
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888113093f00 (size 192):
comm "syz-executor228", pid 3636, jiffies 4294947950 (age 12.750s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 0a 00 00 00 00 00 00 00 ................
40 53 fd 84 ff ff ff ff 40 01 00 00 00 00 00 00 @S......@.......
backtrace:
[<ffffffff83a0e378>] kmalloc include/linux/slab.h:600 [inline]
[<ffffffff83a0e378>] kzalloc include/linux/slab.h:733 [inline]
[<ffffffff83a0e378>] alloc_state net/netlink/policy.c:104 [inline]
[<ffffffff83a0e378>] netlink_policy_dump_add_policy+0x198/0x1f0 net/netlink/policy.c:135
[<ffffffff83a0d78d>] ctrl_dumppolicy_start+0x15d/0x290 net/netlink/genetlink.c:1173
[<ffffffff83a0abf8>] genl_start+0x148/0x210 net/netlink/genetlink.c:596
[<ffffffff83a0756a>] __netlink_dump_start+0x20a/0x440 net/netlink/af_netlink.c:2370
[<ffffffff83a0a38e>] genl_family_rcv_msg_dumpit+0x15e/0x190 net/netlink/genetlink.c:678
[<ffffffff83a0b1d5>] genl_family_rcv_msg net/netlink/genetlink.c:772 [inline]
[<ffffffff83a0b1d5>] genl_rcv_msg+0x225/0x2c0 net/netlink/genetlink.c:792
[<ffffffff83a09807>] netlink_rcv_skb+0x87/0x1d0 net/netlink/af_netlink.c:2501
[<ffffffff83a0a214>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:803
[<ffffffff83a08977>] netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
[<ffffffff83a08977>] netlink_unicast+0x397/0x4c0 net/netlink/af_netlink.c:1345
[<ffffffff83a08e36>] netlink_sendmsg+0x396/0x710 net/netlink/af_netlink.c:1921
[<ffffffff8385aea6>] sock_sendmsg_nosec net/socket.c:714 [inline]
[<ffffffff8385aea6>] sock_sendmsg+0x56/0x80 net/socket.c:734
[<ffffffff8385b40c>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2482
[<ffffffff8385fd08>] ___sys_sendmsg+0xa8/0x110 net/socket.c:2536
[<ffffffff8385fe98>] __sys_sendmsg+0x88/0x100 net/socket.c:2565
[<ffffffff845d8535>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff845d8535>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84600087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
Powered by blists - more mailing lists