Re: KASAN: use-after-free Read in j1939_sk_recv

From: syzbot
Date: Sun Nov 10 2019 - 17:55:08 EST

Next message: Vladimir Zapolskiy: "Re: [PATCH] usb: gadget: udc: lpc32xx: don't dereference ep until it has been null checked"
Previous message: syzbot: "KASAN: use-after-free Read in j1939_session_get_by_addr_locked"
In reply to: syzbot: "KASAN: use-after-free Read in j1939_sk_recv"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

syzbot has bisected this bug to:

commit 9d71dd0c70099914fcd063135da3c580865e924c
Author: The j1939 authors <linux-can@xxxxxxxxxxxxxxx>
Date: Mon Oct 8 09:48:36 2018 +0000

can: add support of SAE J1939 protocol

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=10f08e72e00000
start commit: 5591cf00 Add linux-next specific files for 20191108
git tree: linux-next
final crash: https://syzkaller.appspot.com/x/report.txt?x=12f08e72e00000
console output: https://syzkaller.appspot.com/x/log.txt?x=14f08e72e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=e1036c6ef52866f9
dashboard link: https://syzkaller.appspot.com/bug?extid=07ca5bce8530070a5650
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=165ad206e00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14cf9c3ce00000

Reported-by: syzbot+07ca5bce8530070a5650@xxxxxxxxxxxxxxxxxxxxxxxxx
Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

Next message: Vladimir Zapolskiy: "Re: [PATCH] usb: gadget: udc: lpc32xx: don't dereference ep until it has been null checked"
Previous message: syzbot: "KASAN: use-after-free Read in j1939_session_get_by_addr_locked"
In reply to: syzbot: "KASAN: use-after-free Read in j1939_sk_recv"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]