Re: KASAN: slab-use-after-free Read in nfc_llcp_unregister_device

From: Aleksandr Nogikh
Date: Wed Oct 25 2023 - 03:12:37 EST


Hi,

Please also note this report by syzbot:
https://syzkaller.appspot.com/bug?extid=81232c4a81a886e2b580

Its title is a bit different, but the stacktraces are the same. At the
bottom, you may also find KASAN crashes.

Judging by the "Discussions" block, there've been a couple of fix
attempts already, but they did not make it to the kernel.

--
Aleksandr

On Wed, Oct 25, 2023 at 9:03 AM Abagail ren <renzezhongucas@xxxxxxxxx> wrote:
>
> Good day, dear maintainers.
>
> Since the email system replied that it refused to accept the email because the text contained HTML, I sent it to you again in the form of shared files.
>
> We found a bug using a modified kernel configuration file used by syzbot.
>
> We enhanced the probability of vulnerability discovery using our prototype system developed based on syzkaller and found a bug "KASAN: slab-use-after-free Read in nfc_llcp_unregister_device." I'm still working on it to find out its root cause and availability.
>
> The stack information: https://docs.google.com/document/d/1gdHebCRsvVsSPKfilcoXVu3Pctvoj2FSZCACcVYZXns/edit?usp=sharing
>
> Kernel Branch: 6.4.0-rc3
>
> Kernel Config: https://docs.google.com/document/d/1WIM0btqS2dex18HQYaL2xyoW6WdX2TsaNguTnWzHMps/edit?usp=sharing
>
> Reproducer: https://docs.google.com/document/d/1LrgGdOgZwO8wz0opusZ7flP9QSFZa32GdozvoxGysyY/edit?usp=sharing
>
> Thank you!
>
> Best regards,
> Ren Zezhong