syzbot


KMSAN: kernel-infoleak in irqentry_exit

Status: upstream: reported on 2026/05/31 00:27
Subsystems: kernel
Labels: prio:high
Reported-by: syzbot+185a631927096f9da2fc@syzkaller.appspotmail.com
Fix commit: 6d99479799c6 rseq: Fix using an uninitialized stack variable in rseq_exit_user_update()
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-snapshot-upstream-root ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-rust-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce], missing on: [ci-qemu-native-arm64-kvm ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-usb]
First crash: 15d, last: now
✨ AI Jobs (1)
ID: 4fe5b83a-a4b7-4c51-a162-f562d209edae
Workflow: assessment-security
Result: DenialOfService: ✅, Exploitable: ❌, FilesystemTrigger: ❌, NetworkTrigger: ❌, PeripheralTrigger: ❌, RemoteTrigger: ❌, Unprivileged: ✅, UserNamespace: ✅, VMGuestTrigger: ❌, VMHostTrigger: ❌
Correct: (empty)
Ext Bug ID: (empty)
Bug: KMSAN: kernel-infoleak in irqentry_exit
Created: 2026/05/29 20:06
Started: 2026/05/29 20:06
Finished: 2026/05/29 20:41
Revision: 6b4a844333e83556da95d61d7f207e7ef5cd4bc6
Error: (empty)
Discussions (2)
Title | Replies (including bot) | Last reply
[PATCH] rseq: fix using an uninitialized stack variable in rseq_exit_user_update | 7 (7) | 2026/06/02 10:45
[syzbot] [kernel?] KMSAN: kernel-infoleak in irqentry_exit | 0 (1) | 2026/05/31 00:27

Sample crash report:
=====================================================
BUG: KMSAN: kernel-infoleak in rseq_set_ids_get_csaddr include/linux/rseq_entry.h:502 [inline]
BUG: KMSAN: kernel-infoleak in rseq_update_usr include/linux/rseq_entry.h:536 [inline]
BUG: KMSAN: kernel-infoleak in rseq_exit_user_update include/linux/rseq_entry.h:645 [inline]
BUG: KMSAN: kernel-infoleak in __rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:674 [inline]
BUG: KMSAN: kernel-infoleak in rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:703 [inline]
BUG: KMSAN: kernel-infoleak in exit_to_user_mode_loop kernel/entry/common.c:100 [inline]
BUG: KMSAN: kernel-infoleak in __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
BUG: KMSAN: kernel-infoleak in irqentry_exit_to_user_mode_prepare include/linux/irq-entry-common.h:244 [inline]
BUG: KMSAN: kernel-infoleak in irqentry_exit_to_user_mode include/linux/irq-entry-common.h:315 [inline]
BUG: KMSAN: kernel-infoleak in irqentry_exit+0x48b/0xa00 kernel/entry/common.c:162
 rseq_set_ids_get_csaddr include/linux/rseq_entry.h:502 [inline]
 rseq_update_usr include/linux/rseq_entry.h:536 [inline]
 rseq_exit_user_update include/linux/rseq_entry.h:645 [inline]
 __rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:674 [inline]
 rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:703 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:100 [inline]
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 irqentry_exit_to_user_mode_prepare include/linux/irq-entry-common.h:244 [inline]
 irqentry_exit_to_user_mode include/linux/irq-entry-common.h:315 [inline]
 irqentry_exit+0x48b/0xa00 kernel/entry/common.c:162
 exc_page_fault+0x7e/0xb0 arch/x86/mm/fault.c:1530
 asm_exc_page_fault+0x2b/0x30 arch/x86/include/asm/idtentry.h:618

Local variable end_time.i.i created at:
 __do_sys_poll fs/select.c:1063 [inline]
 __se_sys_poll fs/select.c:1060 [inline]
 __x64_sys_poll+0x87/0x540 fs/select.c:1060
 x64_sys_call+0x3130/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:8

Bytes 0-3 of 4 are uninitialized
Memory access of size 4 starts at ffff888129ab7e88
Data copied to user address 00007fa520453140

CPU: 1 UID: 0 PID: 5554 Comm: sshd-session Not tainted syzkaller #0 PREEMPT(lazy) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
=====================================================

Crashes (3533):