Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 18 Aug 2022 10:25:35 +0200
From: Greg KH <greg@...ah.com>
To: oss-security@...ts.openwall.com
Subject: Re: Linux kernel: stack-out-of-bounds in profile_pc

On Thu, Aug 18, 2022 at 05:41:30AM +0000, 黄 晓 wrote:
> Hello:
>       
>       I found a bug through the syzkaller fuzz tool, you need to set CONFIG_KASAN=y, the crash information is displayed as out-of-bounds reading, I am weak and unable to analyze the harm of this bug.
> The bug program cannot be reproduced stably and needs to be run multiple times.

It would have been helpful to notify the developers and maintainers of
this code that there is an issue.  They will not see a random email on
the oss-security mailing list as they are not subscribed here.

To find who is responsible for this code, use the get_maintainers.pl
script in the kernel tree.  The output for it for this problem is:

$ ./scripts/get_maintainer.pl arch/x86/kernel/time.c
Thomas Gleixner <tglx@...utronix.de> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Ingo Molnar <mingo@...hat.com> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Borislav Petkov <bp@...en8.de> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
Dave Hansen <dave.hansen@...ux.intel.com> (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
x86@...nel.org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
"H. Peter Anvin" <hpa@...or.com> (reviewer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
linux-kernel@...r.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))

Also, this issue seems to require root permissions (i.e. write
permissions on the kernel profiler) in order to be triggered.

Hope this helps,

greg k-h

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.