syzbot

 sign-in | mailing list | source | docs
🐞 Open [1078] 🐞 Fixed [2861] 🐞 Invalid [4889]

KASAN: use-after-free Read in hci_send_acl
Status: upstream: reported C repro on 2020/08/02 20:46
Reported-by: syzbot+98228e7407314d2d4ba2@syzkaller.appspotmail.com
First crash: 169d, last: 11d

Cause bisection: introduced by (bisect log) :
commit 4ffcd582301bd020b1f9d00c55473af305ec19b5
Author: Michael Chan <michael.chan@broadcom.com>
Date: Mon Sep 19 07:58:07 2016 +0000

  bnxt_en: Pad TX packets below 52 bytes.

Crash: KASAN: use-after-free Read in batadv_iv_ogm_queue_add (log)
Repro: C syz .config
similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 KASAN: use-after-free Read in hci_send_acl C 3 17d 169d 0/1 upstream: reported C repro on 2020/08/02 21:29
linux-4.14 KASAN: use-after-free Read in hci_send_acl C 3 14d 169d 0/1 upstream: reported C repro on 2020/08/02 14:47

Sample crash report:

Fix bisection attempts:
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info
ci-upstream-kasan-gce-selinux-root 2021/01/07 16:02 upstream 71c061d2 63a73341 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2020/12/07 15:25 upstream 0477e928 63a73341 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2020/11/07 06:59 upstream 659caaf6 63a73341 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2020/10/08 05:00 upstream c85fb28b 63a73341 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2020/09/02 16:04 upstream 9c7d619b 63a73341 .config log report syz C
Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Maintainers
ci-upstream-kasan-gce-selinux-root 2020/08/02 19:29 upstream ac3a0c84 63a73341 .config log report syz C davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org
ci-upstream-kasan-gce-smack-root 2020/08/02 13:37 upstream ac3a0c84 63a73341 .config log report syz C davem@davemloft.net, johan.hedberg@gmail.com, kuba@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, marcel@holtmann.org, netdev@vger.kernel.org