[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id:
<173497743701.3921163.18071428597161743809.git-patchwork-notify@kernel.org>
Date: Mon, 23 Dec 2024 18:10:37 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Ilya Shchipletsov <rabbelkin@...l.ru>
Cc: netdev@...r.kernel.org, davem@...emloft.net, edumazet@...gle.com,
kuba@...nel.org, pabeni@...hat.com, horms@...nel.org,
linux-hams@...r.kernel.org, linux-kernel@...r.kernel.org, hfggklm@...il.com
Subject: Re: [PATCH] netrom: check buffer length before accessing it
Hello:
This patch was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@...nel.org>:
On Thu, 19 Dec 2024 08:23:07 +0000 you wrote:
> Syzkaller reports an uninit value read from ax25cmp when sending raw message
> through ieee802154 implementation.
>
> =====================================================
> BUG: KMSAN: uninit-value in ax25cmp+0x3a5/0x460 net/ax25/ax25_addr.c:119
> ax25cmp+0x3a5/0x460 net/ax25/ax25_addr.c:119
> nr_dev_get+0x20e/0x450 net/netrom/nr_route.c:601
> nr_route_frame+0x1a2/0xfc0 net/netrom/nr_route.c:774
> nr_xmit+0x5a/0x1c0 net/netrom/nr_dev.c:144
> __netdev_start_xmit include/linux/netdevice.h:4940 [inline]
> netdev_start_xmit include/linux/netdevice.h:4954 [inline]
> xmit_one net/core/dev.c:3548 [inline]
> dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564
> __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349
> dev_queue_xmit include/linux/netdevice.h:3134 [inline]
> raw_sendmsg+0x654/0xc10 net/ieee802154/socket.c:299
> ieee802154_sock_sendmsg+0x91/0xc0 net/ieee802154/socket.c:96
> sock_sendmsg_nosec net/socket.c:730 [inline]
> __sock_sendmsg net/socket.c:745 [inline]
> ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584
> ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638
> __sys_sendmsg net/socket.c:2667 [inline]
> __do_sys_sendmsg net/socket.c:2676 [inline]
> __se_sys_sendmsg net/socket.c:2674 [inline]
> __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674
> do_syscall_x64 arch/x86/entry/common.c:52 [inline]
> do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83
> entry_SYSCALL_64_after_hwframe+0x63/0x6b
>
> [...]
Here is the summary with links:
- netrom: check buffer length before accessing it
https://git.kernel.org/netdev/net/c/a4fd163aed2e
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
Powered by blists - more mailing lists