[cifs] c9ba95b978: BUG:KASAN:use-after-free_in_SMB2_sess_free_buffer[cifs]

Enzo Matsumiya ematsumiya at suse.de
Tue Sep 20 14:43:22 UTC 2022


On 09/20, kernel test robot wrote:
>
>Greeting,
>
>FYI, we noticed the following commit (built with gcc-11):
>
>commit: c9ba95b978808970633b0221b70c5255ebc8630e ("[PATCH v2] cifs: replace kfree() with kfree_sensitive() for sensitive data")
>url: https://github.com/intel-lab-lkp/linux/commits/Enzo-Matsumiya/cifs-replace-kfree-with-kfree_sensitive-for-sensitive-data/20220918-113758
>base: git://git.samba.org/sfrench/cifs-2.6.git for-next
>patch link: https://lore.kernel.org/linux-cifs/20220918033619.16522-1-ematsumiya@suse.de
>

snip

>If you fix the issue, kindly add following tag
>| Reported-by: kernel test robot <oliver.sang at intel.com>
>| Link: https://lore.kernel.org/r/202209201529.ec633796-oliver.sang@intel.com

snip

>kern  :info  : [   81.927031] CIFS: Attempting to mount \\localhost\fs
>kern  :err   : [   81.949059] ==================================================================
>kern  :err   : [   81.956956] BUG: KASAN: use-after-free in SMB2_sess_free_buffer+0xba/0x1c0 [cifs]
>kern  :err   : [   81.965177] Write of size 44 at addr ffff8881219a3c00 by task mount.cifs/1530

Will send v2.


Enzo



More information about the samba-technical mailing list