[....] Starting enhanced syslogd: rsyslogd[ 12.427238] audit: type=1400 audit(1567274163.483:4): avc: denied { syslog } for pid=1906 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.213' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 37.870949] netlink: 132 bytes leftover after parsing attributes in process `syz-executor728'. [ 37.880037] ------------[ cut here ]------------ [ 37.884816] WARNING: CPU: 1 PID: 2065 at net/xfrm/xfrm_user.c:2210 xfrm_add_acquire+0x7a1/0x9c0() [ 37.894563] BAD policy passed [ 37.897726] Kernel panic - not syncing: panic_on_warn set ... [ 37.897726] [ 37.905068] CPU: 1 PID: 2065 Comm: syz-executor728 Not tainted 4.4.174+ #4 [ 37.912060] 0000000000000000 e7fcc320949610ec ffff8800b64873f0 ffffffff81aad1a1 [ 37.920125] ffff8800b6487540 ffffffff82835ee0 ffffffff82a9d500 00000000000008a2 [ 37.928155] ffffffff825836c1 ffff8800b64874d0 ffffffff813a48c2 0000000041b58ab3 [ 37.936173] Call Trace: [ 37.938746] [] dump_stack+0xc1/0x120 [ 37.944822] [] ? xfrm_add_acquire+0x7a1/0x9c0 [ 37.950948] [] panic+0x1b9/0x37b [ 37.955952] [] ? add_taint.cold+0x16/0x16 [ 37.961737] [] ? vprintk_emit+0x248/0x820 [ 37.967539] [] ? warn_slowpath_common.cold+0x5/0x20 [ 37.974194] [] warn_slowpath_common.cold+0x20/0x20 [ 37.980763] [] warn_slowpath_fmt+0xbf/0x100 [ 37.986717] [] ? warn_slowpath_common+0x120/0x120 [ 37.993195] [] ? lockdep_init_map+0x114/0x1520 [ 37.999523] [] ? __raw_spin_lock_init+0x2d/0x100 [ 38.005916] [] xfrm_add_acquire+0x7a1/0x9c0 [ 38.011865] [] ? log_wakeup_reason.cold+0x145/0x145 [ 38.018510] [] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 38.025339] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 38.032255] [] ? xfrm_policy_construct+0x770/0x770 [ 38.038814] [] ? nla_parse+0x15f/0x1c0 [ 38.044340] [] ? xfrm_policy_construct+0x770/0x770 [ 38.050898] [] xfrm_user_rcv_msg+0x37c/0x630 [ 38.057723] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 38.063764] [] ? trace_hardirqs_on+0x10/0x10 [ 38.069872] [] ? __lock_acquire+0xa4f/0x4f50 [ 38.075922] [] ? mutex_trylock+0x500/0x500 [ 38.081915] [] netlink_rcv_skb+0xd4/0x2e0 [ 38.087806] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 38.093847] [] xfrm_netlink_rcv+0x70/0x90 [ 38.099627] [] netlink_unicast+0x4d7/0x700 [ 38.105717] [] ? netlink_sendskb+0x60/0x60 [ 38.111582] [] netlink_sendmsg+0x6b6/0xc80 [ 38.117449] [] ? nlmsg_notify+0x170/0x170 [ 38.123231] [] ? selinux_socket_sendmsg+0x3f/0x50 [ 38.129708] [] ? security_socket_sendmsg+0x8f/0xc0 [ 38.136405] [] ? nlmsg_notify+0x170/0x170 [ 38.142196] [] sock_sendmsg+0xbe/0x110 [ 38.147717] [] ___sys_sendmsg+0x769/0x890 [ 38.153524] [] ? copy_msghdr_from_user+0x550/0x550 [ 38.160095] [] ? __alloc_pages_direct_compact+0x220/0x220 [ 38.167270] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 38.174005] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 38.180748] [] ? check_preemption_disabled+0x3c/0x200 [ 38.187571] [] ? check_preemption_disabled+0x3c/0x200 [ 38.194406] [] ? handle_mm_fault+0xc10/0x3140 [ 38.200541] [] ? _raw_spin_unlock+0x2d/0x50 [ 38.206500] [] ? handle_mm_fault+0x98d/0x3140 [ 38.212632] [] ? __fd_install+0x25b/0x640 [ 38.218435] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 38.225179] [] ? __fget_light+0xa3/0x1f0 [ 38.230870] [] ? __fdget+0x1b/0x20 [ 38.236045] [] __sys_sendmsg+0xc5/0x160 [ 38.241659] [] ? SyS_shutdown+0x1a0/0x1a0 [ 38.247685] [] ? retint_user+0x18/0x3c [ 38.253211] [] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 38.260033] [] SyS_sendmsg+0x2d/0x50 [ 38.265380] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 38.272503] Kernel Offset: disabled [ 38.276260] Rebooting in 86400 seconds..