syzbot


KASAN: use-after-free Read in __list_del_entry_valid (2)
Status: fixed on 2018/01/11 01:23
Reported-by: syzbot+29cf0a34886ca39d13fc0451b174140973b5bed3@syzkaller.appspotmail.com
Fix commit: d76c6810 crypto: pcrypt - fix freeing pcrypt instances
First crash: 1042d, last: 1036d
duplicates (13):
Title Repro Bisected Count Last Reported Patched Status
BUG: unable to handle kernel paging request in socket_file_ops C 1 1039d 1035d 0/17 closed as dup on 2017/12/20 22:39
BUG: bad usercopy in memdup_user 107 1018d 1037d 0/17 closed as dup on 2017/12/31 08:11
general protection fault in copy_user_generic_unrolled (2) 1 1037d 1033d 0/17 closed as dup on 2017/12/31 08:14
BUG: bad usercopy in ___sys_sendmsg 70 1017d 1039d 0/17 closed as dup on 2017/12/31 08:10
BUG: unable to handle kernel NULL pointer dereference in irq_may_run C 1 1036d 1034d 0/17 closed as dup on 2017/12/23 20:38
BUG: bad usercopy in old_dev_ioctl 13 1019d 1039d 0/17 closed as dup on 2017/12/31 08:10
KASAN: use-after-free Read in __pagevec_lru_add_fn C 1 1037d 1033d 0/17 closed as dup on 2017/12/22 22:25
general protection fault in strncpy_from_user 1 1039d 1034d 0/17 closed as dup on 2017/12/31 08:14
BUG: unable to handle kernel NULL pointer dereference in __crypto_alg_lookup C 47 1035d 1038d 0/17 closed as dup on 2017/12/20 22:36
BUG: bad usercopy in memdup_user_nul 5 1024d 1037d 0/17 closed as dup on 2017/12/31 08:11
BUG: unable to handle kernel paging request in security_compute_sid C 1 1037d 1033d 0/17 closed as dup on 2017/12/22 22:14
BUG: unable to handle kernel NULL pointer dereference in sidtab_search_core C 1 1040d 1036d 0/17 closed as dup on 2017/12/22 17:05
KASAN: use-after-free Read in crypto_aead_free_instance C 5 1032d 1036d 0/17 closed as dup on 2017/12/20 22:37
similar bugs (2):
Kernel Title Repro Bisected Count Last Reported Patched Status
upstream KASAN: use-after-free Read in __list_del_entry_valid (3) C 15 946d 960d 13/17 closed as dup on 2018/03/22 15:31
upstream KASAN: use-after-free Read in __list_del_entry_valid (4) C cause 16 252d 940d 17/17 fixed on 2020/05/10 10:41

Sample crash report:

Crashes (11):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Maintainers
ci-upstream-kasan-gce 2017/12/15 23:04 upstream 032b4cc8 ac20b98c .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-kasan-gce 2017/12/15 07:11 upstream d455df0b ac20b98c .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-kasan-gce 2017/12/13 21:29 upstream d39a01ef 06ea774d .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-net-kasan-gce 2017/12/17 00:02 net-next 28dc4c8f b6f0c91b .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-net-kasan-gce 2017/12/15 22:53 net-next 3b07d788 ac20b98c .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-net-kasan-gce 2017/12/15 07:03 net-next 5c13e075 ac20b98c .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-net-kasan-gce 2017/12/13 21:16 net-next f93ea3bf 06ea774d .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-mmots-kasan-gce 2017/12/20 00:12 mmots 82bcf1de af9163c7 .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-mmots-kasan-gce 2017/12/19 18:35 mmots 82bcf1de af9163c7 .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-mmots-kasan-gce 2017/12/18 11:48 mmots 82bcf1de d5beb42a .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
ci-upstream-mmots-kasan-gce 2017/12/17 10:30 mmots 82bcf1de b6f0c91b .config log report syz C davem@davemloft.net, herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org