syzbot


general protection fault in ima_free_template_entry
Status: fixed on 2020/07/17 17:58
Reported-by: syzbot+223310b454ba6b75974e@syzkaller.appspotmail.com
Fix commit: 42413b49804b ima: Directly free *entry in ima_alloc_init_template() if digests is NULL
First crash: 552d, last: 532d

Cause bisection: introduced by (bisect log) :
commit aa724fe18a8a8285d0071c3bfc932efb090d142d
Author: Roberto Sassu <roberto.sassu@huawei.com>
Date: Wed Mar 25 10:47:09 2020 +0000

  ima: Switch to dynamically allocated buffer for template digests

Crash: general protection fault in ima_free_template_entry (log)
Repro: C syz .config

Sample crash report:

Crashes (3):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-linux-next-kasan-gce-root 2020/06/04 05:23 linux-next e7b08814b16b a5ce5de0 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2020/06/24 18:47 linux-next e7b08814b16b 54566aff .config log report
ci-upstream-linux-next-kasan-gce-root 2020/06/04 05:03 linux-next e7b08814b16b a5ce5de0 .config log report