Re: KASAN: use-after-free Read in blkcipher_walk_virt
From: Eric Biggers
Date: Thu Nov 30 2017 - 04:00:05 EST
On Thu, Nov 30, 2017 at 12:37:01AM -0800, syzbot wrote:
> ==================================================================
> BUG: KASAN: use-after-free in crypto_tfm_alg_blocksize
> include/linux/crypto.h:671 [inline]
> BUG: KASAN: use-after-free in crypto_blkcipher_blocksize
> include/linux/crypto.h:1214 [inline]
> BUG: KASAN: use-after-free in blkcipher_walk_virt+0x286/0x2a0
> crypto/blkcipher.c:304
> Read of size 8 at addr ffff8801ccba7f38 by task syz-executor5/4473
>
#syz dup: KASAN: use-after-free Read in aead_recvmsg