syzbot


KASAN: use-after-free Read in trailing_symlink
Status: fixed on 2019/04/12 08:05
Reported-by: syzbot+a13e5ead792d6df37818@syzkaller.appspotmail.com
Fix commit: 1da6c4d9 bpf: fix use after free in bpf_evict_inode
First crash: 176d, last: 162d

Bisection: introduced by (bisect log):

commit 0f98621bef5d2b7ad41f6595899660af344f5016
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Sat Oct 29 00:30:46 2016 +0000

  bpf, inode: add support for symlinks and fix mtime/ctime

Tree: upstream
Crash: KASAN: use-after-free Read in link_path_walk (log)
Repro: syz .config
similar bugs (1):
Kernel Title Repro Bisected Count Last Reported Patched Status
android-414 KASAN: use-after-free Read in trailing_symlink 1 87d 40d 0/1 public: reported on 2019/04/14 08:52

Sample crash report:

All crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-kasan-gce-root 2018/11/28 15:38 upstream ef78e5ec 4b6d14f2 .config log report syz linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk
ci-upstream-kasan-gce-root 2018/12/13 02:51 upstream f5d58277 02613a41 .config log report syz linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk