Reminder: 2 open syzbot bugs in "security/tomoyo" subsystem

Eric Biggers ebiggers at kernel.org
Tue Jul 2 05:14:45 UTC 2019


[This email was generated by a script.  Let me know if you have any suggestions
to make it better, or if you want it re-generated with the latest status.]

Of the currently open syzbot reports against the upstream kernel, I've manually
marked 2 of them as possibly being bugs in the "security/tomoyo" subsystem. 
I've listed these reports below, sorted by an algorithm that tries to list first
the reports most likely to be still valid, important, and actionable.

If you believe a bug is no longer valid, please close the syzbot report by
sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
original thread, as explained at https://goo.gl/tpsmEJ#status

If you believe I misattributed a bug to the "security/tomoyo" subsystem, please
let me know, and if possible forward the report to the correct people or mailing
list.

Here are the bugs:

--------------------------------------------------------------------------------
Title:              KASAN: use-after-free Read in tomoyo_realpath_from_path
Last occurred:      6 days ago
Reported:           26 days ago
Branches:           Mainline and others
Dashboard link:     https://syzkaller.appspot.com/bug?id=73d590010454403d55164cca23bd0565b1eb3b74
Original thread:    https://lkml.kernel.org/lkml/0000000000004f43fa058a97f4d3@google.com/T/#u

This bug has a syzkaller reproducer only.

The original thread for this bug has received 7 replies; the last was 9 days
ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+0341f6a4d729d4e0acf1 at syzkaller.appspotmail.com

If you send any email or patch for this bug, please reply to the original
thread, which had activity only 9 days ago.  For the git send-email command to
use, or tips on how to reply if the thread isn't in your mailbox, see the "Reply
instructions" at https://lkml.kernel.org/r/0000000000004f43fa058a97f4d3@google.com

--------------------------------------------------------------------------------
Title:              KASAN: invalid-free in tomoyo_realpath_from_path
Last occurred:      35 days ago
Reported:           34 days ago
Branches:           net-next
Dashboard link:     https://syzkaller.appspot.com/bug?id=e9e5a1d41c3fb5d0f79aeea0e4cd535f160a6702
Original thread:    https://lkml.kernel.org/lkml/000000000000785e9d0589ec359a@google.com/T/#u

Unfortunately, this bug does not have a reproducer.

The original thread for this bug has received 1 reply, 34 days ago.

If you fix this bug, please add the following tag to the commit:
    Reported-by: syzbot+9742b1c6c7aedf18beda at syzkaller.appspotmail.com

If you send any email or patch for this bug, please consider replying to the
original thread.  For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000785e9d0589ec359a@google.com



More information about the Linux-security-module-archive mailing list