oss-sec mailing list archives
Re: KASAN: use-after-free in con_scroll
From: Greg KH <gregkh () linuxfoundation org>
Date: Wed, 3 Feb 2021 08:19:09 +0100
On Wed, Feb 03, 2021 at 03:04:55PM +0800, ???? wrote:
Dear Linux kernel developers, I found a crash "KASAN: use-after-free in con_scroll+0x45c/0x620 drivers/tty/vt/vt.c:641" when running the syzkaller, It is can be reproduced. I did not find a report about this problem. Hope it is useful. Linux version: Linux v5.9-rc8 (549738f15) The following is the crash report. ================================================================== BUG: KASAN: use-after-free in scr_memmovew include/linux/vt_buffer.h:68 [inline] BUG: KASAN: use-after-free in con_scroll+0x45c/0x620 drivers/tty/vt/vt.c:641 Read of size 693770 at addr ffff8880000b894c by task syz-executor.2/7755 CPU: 0 PID: 7755 Comm: syz-executor.2 Not tainted 5.1.0 #4
5.1.0 is _VERY_ old, please try reproducing this on a more modern kernel (i.e. 5.10 or newer). thanks, greg k-h
Current thread:
- KASAN: use-after-free in con_scroll ???? (Feb 02)
- Re: KASAN: use-after-free in con_scroll Greg KH (Feb 02)