Reminder: 2 open syzbot bugs in "security/tomoyo" subsystem
Eric Biggers
ebiggers at kernel.org
Wed Jul 24 04:34:50 UTC 2019
On Wed, Jul 24, 2019 at 12:18:47PM +0900, Tetsuo Handa wrote:
> > --------------------------------------------------------------------------------
> > Title: KASAN: invalid-free in tomoyo_realpath_from_path
> > Last occurred: 57 days ago
> > Reported: 56 days ago
> > Branches: net-next
> > Dashboard link: https://syzkaller.appspot.com/bug?id=e9e5a1d41c3fb5d0f79aeea0e4cd535f160a6702
> > Original thread: https://lkml.kernel.org/lkml/000000000000785e9d0589ec359a@google.com/T/#u
>
> This cannot be a TOMOYO's bug. We are waiting for a reproducer but
> no crash occurred since then. Maybe it is time to close as invalid.
Maybe. Did you check for stack buffer overflows in the functions that
tomoyo_realpath_from_path() calls? Perhaps something is corrupting the 'buf'
variable in the parent's stack frame.
- Eric
More information about the Linux-security-module-archive
mailing list