security_inode_follow_link: KASAN UAF localization report

Next message: Rosen Penev: "[PATCH] mips: dts: ar9132: fix wdt node name"
Previous message: Vikash Garodia: "Re: [PATCH v7 00/12] media: iris: Add support for glymur platform"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Maximiliano Hermitte

Date: Mon Jun 08 2026 - 01:31:51 EST

Hello,

I reproduced this issue locally in a QEMU/TCG VM and I can confirm a valid BEFORE signal.

Summary of the local evidence:

- Reproducer started: yes
- KASAN seen: yes
- use-after-free seen: yes
- target function seen: security_inode_follow_link
- target file seen: security/security.c
- Call Trace seen: yes
- RIP seen: yes
- BEFORE validation: true

At this point I am treating this as a localization report, not as a final patch submission.

The trace points to the security_inode_follow_link / link-follow path. I would prefer not to guess the final fix, since I do not yet have a validated AFTER patch for this issue.

I can provide the reproducer evidence and retest any proposed patch if helpful.

Thanks,
David