Re: [syzbot] Re: [syzbot] [kernel?] KMSAN: kernel-infoleak in vmci_host_unlocked_ioctl (3)

From: syzbot
Date: Fri Jun 27 2025 - 01:13:20 EST


For archival purposes, forwarding an incoming command email to
linux-kernel@xxxxxxxxxxxxxxx.

***

Subject: Re: [syzbot] [kernel?] KMSAN: kernel-infoleak in vmci_host_unlocked_ioctl (3)
Author: lizhi.xu@xxxxxxxxxxxxx

#syz test

diff --git a/drivers/misc/vmw_vmci/vmci_context.c b/drivers/misc/vmw_vmci/vmci_context.c
index f22b44827e92..c4fcc62761a7 100644
--- a/drivers/misc/vmw_vmci/vmci_context.c
+++ b/drivers/misc/vmw_vmci/vmci_context.c
@@ -251,6 +251,7 @@ static int ctx_fire_notification(u32 context_id, u32 priv_flags)
ev.msg.hdr.src = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID,
VMCI_CONTEXT_RESOURCE_ID);
ev.msg.hdr.payload_size = sizeof(ev) - sizeof(ev.msg.hdr);
+ memset((char*)&ev.msg.hdr + sizeof(ev.msg.hdr), 0, ev.msg.hdr.payload_size);
ev.msg.event_data.event = VMCI_EVENT_CTX_REMOVED;
ev.payload.context_id = context_id;
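
Review bot: the memset added after the payload_size assignment clears only the bytes that follow ev.msg.hdr, so any padding or member inside the header that the visible assignments do not write stays uninitialised, and the infoleak named in the subject may still trigger on those bytes. Zeroing the whole object once, for example memset(&ev, 0, sizeof(ev)) before the first field assignment, would cover the header, event_data and payload together, and would drop both the pointer arithmetic and the reliance on payload_size having just been set. If the offset form is kept, kernel style wants the cast written as (char *) with a space, and the line should be wrapped.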