oss-sec mailing list archives

Re: KASAN: use-after-free in con_scroll

From: Greg KH <gregkh () linuxfoundation org>
Date: Wed, 3 Feb 2021 08:19:09 +0100

On Wed, Feb 03, 2021 at 03:04:55PM +0800, ???? wrote:

Dear Linux kernel developers,

I found a crash "KASAN: use-after-free in con_scroll+0x45c/0x620 drivers/tty/vt/vt.c:641"  when running the 
syzkaller,  

It is can be reproduced. I did not find a report about this problem. Hope it is useful.




Linux version: Linux v5.9-rc8 (549738f15)


The following is the crash report.

==================================================================

BUG: KASAN: use-after-free in scr_memmovew include/linux/vt_buffer.h:68 [inline]
BUG: KASAN: use-after-free in con_scroll+0x45c/0x620 drivers/tty/vt/vt.c:641
Read of size 693770 at addr ffff8880000b894c by task syz-executor.2/7755

CPU: 0 PID: 7755 Comm: syz-executor.2 Not tainted 5.1.0 #4


5.1.0 is _VERY_ old, please try reproducing this on a more modern kernel
(i.e. 5.10 or newer).

thanks,

greg k-h

Current thread:

KASAN: use-after-free in con_scroll ???? (Feb 02)
- Re: KASAN: use-after-free in con_scroll Greg KH (Feb 02)

oss-sec mailing list archives

Re: KASAN: use-after-free in con_scroll​

Current thread:

Re: KASAN: use-after-free in con_scroll