Re: BUG: KASAN: slab-use-after-free Read in gsm_dlci_config

From: Greg KH
Date: Tue Nov 19 2024 - 04:45:11 EST

Next message: Raviteja Laggyshetty: "Re: [PATCH V4 1/3] dt-bindings: interconnect: Add EPSS L3 compatible for SA8775P"
Previous message: Andrei Stefanescu: "Re: [PATCH v6 1/7] dt-bindings: mfd: add support for the NXP SIUL2 module"
In reply to: Juefei Pu: "BUG: KASAN: slab-use-after-free Read in gsm_dlci_config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 18, 2024 at 09:22:54PM -0800, Juefei Pu wrote:
> Hello,
> We found the following issue using syzkaller on Linux v6.11.
> In function `gsm_dlci_config`, a use-after-free on object `dlci` has
> been detected.
> Since the reproducer takes around 10 seconds to trigger the bug, it
> might be a race condition one.

There are so many race conditions and other known-broken things in this
driver, please see the mailing list archives for the details. It's well
documented that no one should be using this code unless you have the
hardware and know how to lock down your system for it.

That being said, patches are gladly accepted to resolve these issues,
please send them as you have a working reproducer!

thanks,

greg k-h

Next message: Raviteja Laggyshetty: "Re: [PATCH V4 1/3] dt-bindings: interconnect: Add EPSS L3 compatible for SA8775P"
Previous message: Andrei Stefanescu: "Re: [PATCH v6 1/7] dt-bindings: mfd: add support for the NXP SIUL2 module"
In reply to: Juefei Pu: "BUG: KASAN: slab-use-after-free Read in gsm_dlci_config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]