[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-2022-2602 - Linux kernel io_uring UAF
From:       Adam Reynolds <adamajreynolds () gmail ! com>
Date:       2022-11-08 19:47:40
Message-ID: CAEF3R_5ojvtyejQHGAuJXQ96xDZ3zq9H9Tm8nyh1NxN+1z2UAg () mail ! gmail ! com
[Download RAW message or body]

On Mon, Nov 7, 2022 at 7:30 AM John Smith <smitchj013@outlook.com> wrote:
> 
> Hello.
> 
> Do anyone try this PoC? On my side it's not working on 5.4, 5.10 and 5.15 with KASAN on. \
> KASAN is quiet.  Any ideas? 
> 27.10.2022, 21:05, "Thadeu Lima de Souza Cascardo" <cascardo@canonical.com>:
> > On Tue, Oct 18, 2022 at 01:59:51PM -0300, Thadeu Lima de Souza Cascardo wrote:
> > 
> > Sorry about posting this late, but here it is.
> > poc.c
> > Cascardo.
> 

I ran this against both 5.15.68 and 6.1-rc2 and did not see this, only
a memory leak reported by asan:

adreynol@ADAM-HOMEDESK ~> sudo ./uaf_iouring

=================================================================
==182==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 120 byte(s) in 1 object(s) allocated from:
    #0 0x4cfa97 in __interceptor_malloc
(/home/adreynol/uaf_iouring+0x4cfa97) (BuildId:
2e78344ef59fbab75b1384f5e47ad697da629367)
    #1 0x512dac in main (/home/adreynol/uaf_iouring+0x512dac)
(BuildId: 2e78344ef59fbab75b1384f5e47ad697da629367)
    #2 0x7fb49165150f in __libc_start_call_main
(/lib64/libc.so.6+0x2950f) (BuildId:
85c438f4ff93e21675ff174371c9c583dca00b2c)

SUMMARY: AddressSanitizer: 120 byte(s) leaked in 1 allocation(s).


[prev in list] [next in list] [prev in thread] [next in thread]