Thread (10 messages) 10 messages, 5 authors, 2025-09-03

Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base

From: F6BVP <hidden>
Date: 2025-09-03 10:11:46
Also in: linux-hams

I am confused for not having CC Takamisu Iwai.

I apologize for this novice error.

Considering the syzreport report I just wanted to add my contribution to 
provide a way to easily reproduce the bug when performing rose network.


Le 03/09/2025 à 12:01, Eric Dumazet a écrit :
On Wed, Sep 3, 2025 at 2:51 AM Bernard Pidoux [off-list ref] wrote:
quoted
On 6.16.4 kernel patched with last ROSE commit for refcount use
rose_remove_node() is causing refcount_t: underflow; use-after-free

List:       linux-stable-commits
Subject:    Patch "net: rose: split remove and free operations in
rose_remove_neigh()" has been added to the 6.1
From:       Sasha Levin <sashal () kernel ! org>
Date:       2025-08-30 20:20:24
Message-ID: 20250830202024.2485006-1-sashal () kernel ! org

Bernard Pidoux
F6BVP / AI7BG
Any particular reason you do not CC the author ?

CC Takamitsu Iwai [off-list ref]

BTW, a syzbot report was already sent to the list.

https://syzkaller.appspot.com/bug?extid=7287222a6d88bdb559a7
  
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help