From mboxrd@z Thu Jan  1 00:00:00 1970
From: Sabrina Dubroca <sd@queasysnail.net>
Subject: Re: KASAN: use-after-free Read in rtnetlink_put_metrics
Date: Tue, 31 Jul 2018 15:40:14 +0200
Message-ID: <20180731134014.GA32114@bistromath.localdomain>
References: <0000000000004fe2be05724ac084@google.com>
 <c8ffd001-8c67-19b9-7223-34ca8d436db2@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Cc: syzbot <syzbot+41f9c04b50ef70c66947@syzkaller.appspotmail.com>,
        christian.brauner@ubuntu.com, davem@davemloft.net,
        dsahern@gmail.com, fw@strlen.de, jbenc@redhat.com,
        ktkhai@virtuozzo.com, linux-kernel@vger.kernel.org,
        lucien.xin@gmail.com, netdev@vger.kernel.org,
        syzkaller-bugs@googlegroups.com
To: Eric Dumazet <eric.dumazet@gmail.com>
Return-path: <linux-kernel-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <c8ffd001-8c67-19b9-7223-34ca8d436db2@gmail.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: netdev.vger.kernel.org

2018-07-31, 05:41:56 -0700, Eric Dumazet wrote:
> 
> 
> On 07/31/2018 05:31 AM, syzbot wrote:
> > Hello,
> > 
> > syzbot found the following crash on:
> > 
> > HEAD commit:    61f4b23769f0 netlink: Don't shift with UB on nlk->ngroups
> > git tree:       net
> > console output: https://syzkaller.appspot.com/x/log.txt?x=14a9de58400000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=ffb4428fdc82f93b
> > dashboard link: https://syzkaller.appspot.com/bug?extid=41f9c04b50ef70c66947
> > compiler:       gcc (GCC) 8.0.1 20180413 (experimental)
> > 
> > Unfortunately, I don't have any reproducer for this crash yet.
[...]

> Probably also caused by :
> 
> 
> commit df18b50448fab1dff093731dfd0e25e77e1afcd1
> Author: Sabrina Dubroca <sd@queasysnail.net>
> Date:   Mon Jul 30 16:23:10 2018 +0200
> 
>     net/ipv6: fix metrics leak

Yeah, I'm looking into both those reports :/

-- 
Sabrina