Re: KASAN: slab-use-after-free Read in nfc_llcp_unregister_device

From: Krzysztof Kozlowski
Date: Wed Oct 25 2023 - 03:23:27 EST


On 25/10/2023 08:27, Abagail ren wrote:
> Good day, dear maintainers.
>
> Since the email system replied that it refused to accept the email because
> the text contained HTML, I sent it to you again in the form of shared files.
>
> We found a bug using a modified kernel configuration file used by syzbot.
>
> We enhanced the probability of vulnerability discovery using our prototype
> system developed based on syzkaller and found a bug "KASAN:
> slab-use-after-free Read in nfc_llcp_unregister_device." I'm still working
> on it to find out its root cause and availability.
>
> The stack information:
> https://docs.google.com/document/d/1gdHebCRsvVsSPKfilcoXVu3Pctvoj2FSZCACcVYZXns/edit?usp=sharing
>
> Kernel Branch: 6.4.0-rc3
>

Hi,

I received two emails from you, so I am not sure if these are separate
issues or not.

Anyway, there were fixes to these paths and you are testing quite an old
kernel. If you have the reproducer, it should be straightforward to test
a new kernel, so please do so. Test on linux-next.

> Kernel Config:
> https://docs.google.com/document/d/1WIM0btqS2dex18HQYaL2xyoW6WdX2TsaNguTnWzHMps/edit?usp=sharing
>
> Reproducer:
> https://docs.google.com/document/d/1LrgGdOgZwO8wz0opusZ7flP9QSFZa32GdozvoxGysyY/edit?usp=sharing


Best regards,
Krzysztof