Re: [syzbot] [PATCH net] netlink: Fix kernel-infoleak in __skb_datagram_iter()

From: syzbot
Date: Mon Feb 19 2024 - 23:50:33 EST


For archival purposes, forwarding an incoming command email to
linux-kernel@xxxxxxxxxxxxxxx.

***

Subject: [PATCH net] netlink: Fix kernel-infoleak in __skb_datagram_iter()
Author: ryasuoka@xxxxxxxxxx

#syz test

diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 9c962347cf85..ff315351269f 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -167,7 +167,7 @@ static inline u32 netlink_group_mask(u32 group)
static struct sk_buff *netlink_to_full_skb(const struct sk_buff *skb,
gfp_t gfp_mask)
{
- unsigned int len = skb_end_offset(skb);
+ unsigned int len = skb->len;
struct sk_buff *new;

new = alloc_skb(len, gfp_mask);
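
Review bot: The switch from `skb_end_offset(skb)` to `skb->len` in netlink_to_full_skb() comes with no changelog. The mail carries only the subject and `#syz test`, so nothing records why the old length exposes uninitialized bytes or which report this answers. Before this is submitted for merging, add a description saying that `len` now covers only the data in the skb rather than the whole buffer up to its end, plus the Fixes: and Reported-by: tags. The copy into `new` that follows `alloc_skb(len, gfp_mask)` is outside this hunk. Confirm that it uses the same `len` and that `skb->len` bytes are actually available at `skb->data` on this path, i.e. that the source skb is linear here. Otherwise the new length could read past the linear area.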