syzbot


KASAN: use-after-free Read in ethnl_update_bitset32
Status: fixed on 2020/04/15 17:19
Reported-by: syzbot+709b7a64d57978247e44@syzkaller.appspotmail.com
Fix commit: e34f1753eebc ethtool: limit bitset size
First crash: 645d, last: 636d

Cause bisection: introduced by (bisect log):
commit bfbcfe2032e70bd8598d680d39ac177d507e39ac
Author: Michal Kubecek <mkubecek@suse.cz>
Date: Fri Dec 27 14:56:13 2019 +0000

  ethtool: set link modes related data with LINKMODES_SET request

Crash: KASAN: use-after-free Read in ethnl_update_bitset32 (log)
Repro: C syz .config

Sample crash report:

Crashes (6):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-selinux-root | 2020/02/28 04:29 | upstream | f8788d86ab28 | 59b57593 | .config | log | report | syz | C | | |
| ci-upstream-net-this-kasan-gce | 2020/02/22 23:54 | net | 0c0ddd6ae47c | 2c36e7a7 | .config | log | report | syz | C | | |
| ci-upstream-net-kasan-gce | 2020/02/22 22:34 | net-next | 732a0dee501f | 2c36e7a7 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-selinux-root | 2020/03/01 16:18 | upstream | 63623fd44972 | c88c7b75 | .config | log | report | | | | |
| ci-qemu-upstream-386 | 2020/02/22 17:22 | upstream | 54dedb5b571d | 2c36e7a7 | .config | log | report | | | | |
| ci-upstream-net-this-kasan-gce | 2020/03/02 20:57 | net | 3614d05b5e6b | c88c7b75 | .config | log | report | | | | |