Re: [syzbot] [wireless?] KASAN: slab-use-after-free Read in cmp_bss

From: Edward Adam Davis
Date: Mon Aug 11 2025 - 21:22:22 EST

Next message: Youling Tang: "Re: [PATCH 2/6] LoongArch: Add kexec_file support"
Previous message: Ethan Zhao: "Re: [PATCH v3 1/1] iommu/sva: Invalidate KVA range on kernel TLB flush"
In reply to: syzbot: "[syzbot] [wireless?] KASAN: slab-use-after-free Read in cmp_bss"
Next in thread: syzbot: "Re: [syzbot] [wireless?] KASAN: slab-use-after-free Read in cmp_bss"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

#syz test

diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index a8339ed52404..dcf7cfb9ba6b 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -1917,6 +1917,7 @@ cfg80211_update_known_bss(struct cfg80211_registered_device *rdev,

f = rcu_access_pointer(new->pub.beacon_ies);
kfree_rcu((struct cfg80211_bss_ies *)f, rcu_head);
+ RCU_INIT_POINTER(new->pub.beacon_ies, NULL);
return false;
}

Next message: Youling Tang: "Re: [PATCH 2/6] LoongArch: Add kexec_file support"
Previous message: Ethan Zhao: "Re: [PATCH v3 1/1] iommu/sva: Invalidate KVA range on kernel TLB flush"
In reply to: syzbot: "[syzbot] [wireless?] KASAN: slab-use-after-free Read in cmp_bss"
Next in thread: syzbot: "Re: [syzbot] [wireless?] KASAN: slab-use-after-free Read in cmp_bss"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]