oss-sec mailing list archives

Re: Linux kernel: stack-out-of-bounds in profile_pc


From: Greg KH <greg () kroah com>
Date: Thu, 18 Aug 2022 10:25:35 +0200

On Thu, Aug 18, 2022 at 05:41:30AM +0000, 黄 晓 wrote:
> Hello:
>
> I found a bug through the syzkaller fuzz tool, you need to set CONFIG_KASAN=y, the crash information is displayed as out-of-bounds reading, I am weak and unable to analyze the harm of this bug.
> The bug program cannot be reproduced stably and needs to be run multiple times.

It would have been helpful to notify the developers and maintainers of
this code that there is an issue.  They will not see a random email on
the oss-security mailing list as they are not subscribed here.

To find who is responsible for this code, use the get_maintainer.pl
script in the kernel tree.  The output for it for this problem is:

$ ./scripts/get_maintainer.pl arch/x86/kernel/time.c
Thomas Gleixner <tglx () linutronix de> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Ingo Molnar <mingo () redhat com> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Borislav Petkov <bp () alien8 de> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Dave Hansen <dave.hansen () linux intel com> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
x86 () kernel org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
"H. Peter Anvin" <hpa () zytor com> (reviewer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
linux-kernel () vger kernel org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))

Also, this issue seems to require root permissions (i.e. write
permissions on the kernel profiler) in order to be triggered.

Hope this helps,

greg k-h

