Re: KASAN: use-after-free Read in crypto_gcm_init_common
From: Kees Cook
Date:  Tue Apr 23 2019 - 16:11:07 EST
On Thu, Mar 21, 2019 at 2:33 AM syzbot
<syzbot+e736399a2c4054612307@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>
> syzbot has bisected this bug to:
>
> commit 428490e38b2e352812e0b765d8bceafab0ec441d
> Author: Jason A. Donenfeld <Jason@xxxxxxxxx>
> Date:   Wed Sep 20 14:58:39 2017 +0000
>
>      security/keys: rewrite all of big_key crypto
>
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=160eabcf200000
> start commit:   428490e3 security/keys: rewrite all of big_key crypto
> git tree:       upstream
> final crash:    https://syzkaller.appspot.com/x/report.txt?x=150eabcf200000
> console output: https://syzkaller.appspot.com/x/log.txt?x=110eabcf200000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=9384ecb1c973baed
> dashboard link: https://syzkaller.appspot.com/bug?extid=e736399a2c4054612307
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=17902f5b400000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=111377e5400000
>
> Reported-by: syzbot+e736399a2c4054612307@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 428490e38b2e ("security/keys: rewrite all of big_key crypto")
Did this regression get fixed?
-- 
Kees Cook