[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Linux kernel: stack-out-of-bounds in profile_pc
From:       Greg KH <greg () kroah ! com>
Date:       2022-08-18 8:25:35
Message-ID: Yv33fx1J/hQXTtSk () kroah ! com
[Download RAW message or body]

On Thu, Aug 18, 2022 at 05:41:30AM +0000, 黄 晓 wrote:
> Hello:
>       
>       I found a bug through the syzkaller fuzz tool, you need to set \
> CONFIG_KASAN=y, the crash information is displayed as out-of-bounds reading, I am \
> weak and unable to analyze the harm of this bug. The bug program cannot be \
> reproduced stably and needs to be run multiple times.

It would have been helpful to notify the developers and maintainers of
this code that there is an issue.  They will not see a random email on
the oss-security mailing list as they are not subscribed here.

To find who is responsible for this code, use the get_maintainers.pl
script in the kernel tree.  The output for it for this problem is:

$ ./scripts/get_maintainer.pl arch/x86/kernel/time.c
Thomas Gleixner <tglx@linutronix.de> (maintainer:X86 ARCHITECTURE (32-BIT AND \
64-BIT)) Ingo Molnar <mingo@redhat.com> (maintainer:X86 ARCHITECTURE (32-BIT AND \
64-BIT)) Borislav Petkov <bp@alien8.de> (maintainer:X86 ARCHITECTURE (32-BIT AND \
64-BIT)) Dave Hansen <dave.hansen@linux.intel.com> (maintainer:X86 ARCHITECTURE \
(32-BIT AND 64-BIT)) x86@kernel.org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
"H. Peter Anvin" <hpa@zytor.com> (reviewer:X86 ARCHITECTURE (32-BIT AND 64-BIT))
linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT))

Also, this issue seems to require root permissions (i.e. write
permissions on the kernel profiler) in order to be triggered.

Hope this helps,

greg k-h


[prev in list] [next in list] [prev in thread] [next in thread]