syzbot


KASAN: use-after-free Write in __alloc_skb (2)
Status: fixed on 2020/02/18 14:31
Reported-by: syzbot+@syzkaller.appspotmail.com
Fix commit: d836f5c69d87 net-backports: net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
First crash: 647d, last: 631d

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: KASAN: use-after-free Write in __alloc_skb (log)
Repro: C syz .config
similar bugs (5):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 KASAN: use-after-free Write in __alloc_skb C done 2 617d 685d 1/1 fixed on 2020/02/11 15:16
upstream KASAN: use-after-free Write in __alloc_skb (3) C done inconclusive 2 49d 418d 0/22 upstream: reported C repro on 2020/07/29 18:24
linux-4.14 KASAN: use-after-free Write in __alloc_skb (2) C 1 28d 423d 0/1 upstream: reported C repro on 2020/07/24 01:04
upstream KASAN: use-after-free Write in __alloc_skb 2 671d 677d 0/22 closed as invalid on 2019/12/08 05:44
linux-4.14 KASAN: use-after-free Write in __alloc_skb C done 1 617d 647d 1/1 fixed on 2020/02/14 21:56

Sample crash report:

Crashes (7):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-selinux-root | 2019/12/13 14:24 | upstream | ae4b064e2a61 | 08003f64 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-root | 2019/12/13 09:38 | upstream | ae4b064e2a61 | 08003f64 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce | 2019/12/13 08:10 | upstream | ae4b064e2a61 | 08003f64 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-386 | 2019/12/13 08:30 | upstream | ae4b064e2a61 | 08003f64 | .config | log | report | syz | C | | |
| ci-upstream-linux-next-kasan-gce-root | 2019/12/24 16:12 | linux-next | 7ddd09fc4b74 | be5c2c81 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce | 2019/12/29 18:23 | upstream | bf8d1cd43865 | af6b8ef8 | .config | log | report | | | | |
| ci-upstream-kasan-gce | 2019/12/13 07:45 | upstream | ae4b064e2a61 | 08003f64 | .config | log | report | | | | |