[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting file context maintaining daemon: restorecond.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [ 24.957435] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.345029] audit: type=1400 audit(1538655342.782:6): avc: denied { map } for pid=1764 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 25.399932] random: sshd: uninitialized urandom read (32 bytes read)
[ 25.844480] random: sshd: uninitialized urandom read (32 bytes read)
[ 26.004900] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.31' (ECDSA) to the list of known hosts.
[ 31.654783] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 31.751164] audit: type=1400 audit(1538655349.192:7): avc: denied { map } for pid=1777 comm="syz-executor161" path="/root/syz-executor161304275" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 31.778296] kasan: CONFIG_KASAN_INLINE enabled
[ 31.778299] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 31.778306] general protection fault: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 31.778308] Modules linked in:
[ 31.778314] CPU: 0 PID: 1777 Comm: syz-executor161 Not tainted 4.14.73+ #16
[ 31.778318] task: ffff8801d2f74680 task.stack: ffff8801d0ab0000
[ 31.778328] RIP: 0010:bpf_skb_change_tail+0x58/0xb90
[ 31.778330] RSP: 0018:ffff8801d0ab7800 EFLAGS: 00010202
[ 31.778334] RAX: dffffc0000000000 RBX: ffff8801d0976a80 RCX: 00000000fffffff9
[ 31.778337] RDX: 0000000000000043 RSI: 00000000000000fe RDI: 0000000000000218
[ 31.778339] RBP: 0000000000000000 R08: ffffffff9c412a40 R09: 0000000000000000
[ 31.778341] R10: 1ffff1003a156f2b R11: 0000000000000001 R12: 00000000000000fe
[ 31.778344] R13: 1ffff1003a156f13 R14: ffffed003a156f30 R15: ffffc90000476088
[ 31.778347] FS: 0000000001237880(0000) GS:ffff8801db800000(0000) knlGS:0000000000000000
[ 31.778350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.778352] CR2: 0000000020000200 CR3: 00000001d6eb2002 CR4: 00000000001606b0
[ 31.778358] Call Trace:
[ 31.778370] ___bpf_prog_run+0x248e/0x5c70
[ 31.778377] ? __free_insn_slot+0x490/0x490
[ 31.778381] ? bpf_jit_compile+0x30/0x30
[ 31.778389] ? depot_save_stack+0x20a/0x428
[ 31.778394] ? __bpf_prog_run512+0x99/0xe0
[ 31.778398] ? ___bpf_prog_run+0x5c70/0x5c70
[ 31.778407] ? __lock_acquire+0x619/0x4320
[ 31.778413] ? trace_hardirqs_on+0x10/0x10
[ 31.778418] ? trace_hardirqs_on+0x10/0x10
[ 31.778422] ? __lock_acquire+0x619/0x4320
[ 31.778431] ? get_unused_fd_flags+0xc0/0xc0
[ 31.778438] ? bpf_test_run+0x57/0x350
[ 31.778444] ? lock_acquire+0x10f/0x380
[ 31.778450] ? check_preemption_disabled+0x34/0x160
[ 31.778456] ? bpf_test_run+0xab/0x350
[ 31.778462] ? bpf_prog_test_run_skb+0x63d/0x8c0
[ 31.778467] ? bpf_test_init.isra.1+0xc0/0xc0
[ 31.778472] ? __fget_light+0x163/0x1f0
[ 31.778478] ? bpf_prog_add+0x42/0xa0
[ 31.778484] ? bpf_test_init.isra.1+0xc0/0xc0
[ 31.778488] ? SyS_bpf+0x79d/0x3640
[ 31.778493] ? bpf_prog_get+0x20/0x20
[ 31.778499] ? __do_page_fault+0x485/0xb60
[ 31.778503] ? lock_downgrade+0x560/0x560
[ 31.778509] ? up_read+0x17/0x30
[ 31.778513] ? __do_page_fault+0x64c/0xb60
[ 31.778519] ? do_syscall_64+0x43/0x4b0
[ 31.778524] ? bpf_prog_get+0x20/0x20
[ 31.778527] ? do_syscall_64+0x19b/0x4b0
[ 31.778535] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 31.778540] Code: fa 48 c1 ea 03 80 3c 02 00 0f 85 eb 09 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 6b 10 48 8d bd 18 02 00 00 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 29 09 00 00 48 8d bd 26 02
[ 31.778609] RIP: bpf_skb_change_tail+0x58/0xb90 RSP: ffff8801d0ab7800
[ 31.778613] ---[ end trace 862787b751063ac9 ]---
[ 31.778616] Kernel panic - not syncing: Fatal exception
[ 31.778843] Kernel Offset: 0x18e00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 32.056723] Rebooting in 86400 seconds..