From: Linus Torvalds <torvalds@linux-foundation.org>
To: Dmitry Vyukov <dvyukov@google.com>
Cc: syzbot <syzbot+3f1ca6a6fec34d601788@syzkaller.appspotmail.com>,
Andrey Konovalov <andreyknvl@google.com>,
ath9k-devel@qca.qualcomm.com, chouhan.shreyansh630@gmail.com,
David Miller <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>,
Kalle Valo <kvalo@codeaurora.org>,
Linux Kbuild mailing list <linux-kbuild@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"open list:USB GADGET/PERIPHERAL SUBSYSTEM"
<linux-usb@vger.kernel.org>,
linux-wireless <linux-wireless@vger.kernel.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Michal Marek <michal.lkml@markovi.net>,
Nick Desaulniers <ndesaulniers@google.com>,
Netdev <netdev@vger.kernel.org>,
syzkaller-bugs <syzkaller-bugs@googlegroups.com>,
Zekun Shen <bruceshenzk@gmail.com>
Subject: Re: [syzbot] KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3)
Date: Wed, 16 Mar 2022 09:01:18 -0700 [thread overview]
Message-ID: <CAHk-=wj270g1sHyvvMz99d5x5A_2BXJExzKGNhF1Ch8Y2Mi0pA@mail.gmail.com> (raw)
In-Reply-To: <CACT4Y+atgbwmYmiYqhFQT9_oHw5cD5oyp5bNyCJNz34wSaMgmg@mail.gmail.com>
On Wed, Mar 16, 2022 at 12:45 AM Dmitry Vyukov <dvyukov@google.com> wrote:
>
> But the bug looks to be fixed by something anyway. git log on the file
> pretty clearly points to:
>
> #syz fix: ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
Yeah, that commit 6ce708f54cc8 looks a lot more likely to have any
effect on this than my version bump that the syzbot bisection pointed
to.
But kernels containing that commit still have that
run #0: crashed: KASAN: use-after-free Read in ath9k_hif_usb_rx_cb
so apparently it isn't actually fully fixed. ;(
Linus
next prev parent reply other threads:[~2022-03-16 16:02 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-05 16:03 KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3) syzbot
2021-06-06 21:16 ` [syzbot] " syzbot
2022-03-15 9:36 ` syzbot
2022-03-15 17:08 ` Linus Torvalds
2022-03-16 7:45 ` Dmitry Vyukov
2022-03-16 16:01 ` Linus Torvalds [this message]
[not found] <20220317111127.2117-1-hdanton@sina.com>
2022-03-17 11:11 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHk-=wj270g1sHyvvMz99d5x5A_2BXJExzKGNhF1Ch8Y2Mi0pA@mail.gmail.com' \
--to=torvalds@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=ath9k-devel@qca.qualcomm.com \
--cc=bruceshenzk@gmail.com \
--cc=chouhan.shreyansh630@gmail.com \
--cc=davem@davemloft.net \
--cc=dvyukov@google.com \
--cc=kuba@kernel.org \
--cc=kvalo@codeaurora.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=michal.lkml@markovi.net \
--cc=ndesaulniers@google.com \
--cc=netdev@vger.kernel.org \
--cc=syzbot+3f1ca6a6fec34d601788@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.