Re: KASAN: use-after-free Read in crypto_gcm_init_common

From: Kees Cook
Date: Tue Apr 23 2019 - 16:11:07 EST

Next message: J. Bruce Fields: "[GIT PULL] nfsd bugfixes for 5.1"
Previous message: Marcel Holtmann: "Re: [RFC] Bluetooth: Retry configure request if result is L2CAP_CONF_UNKNOWN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Mar 21, 2019 at 2:33 AM syzbot
<syzbot+e736399a2c4054612307@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> syzbot has bisected this bug to:
>
> commit 428490e38b2e352812e0b765d8bceafab0ec441d
> Author: Jason A. Donenfeld <Jason@xxxxxxxxx>
> Date: Wed Sep 20 14:58:39 2017 +0000
>
> security/keys: rewrite all of big_key crypto
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=160eabcf200000
> start commit: 428490e3 security/keys: rewrite all of big_key crypto
> git tree: upstream
> final crash: https://syzkaller.appspot.com/x/report.txt?x=150eabcf200000
> console output: https://syzkaller.appspot.com/x/log.txt?x=110eabcf200000
> kernel config: https://syzkaller.appspot.com/x/.config?x=9384ecb1c973baed
> dashboard link: https://syzkaller.appspot.com/bug?extid=e736399a2c4054612307
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17902f5b400000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=111377e5400000
>
> Reported-by: syzbot+e736399a2c4054612307@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 428490e38b2e ("security/keys: rewrite all of big_key crypto")

Did this regression get fixed?

--
Kees Cook

Next message: J. Bruce Fields: "[GIT PULL] nfsd bugfixes for 5.1"
Previous message: Marcel Holtmann: "Re: [RFC] Bluetooth: Retry configure request if result is L2CAP_CONF_UNKNOWN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]