Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-22 Thread Alan Stern
On Fri, 22 Sep 2017, Greg Kroah-Hartman wrote: > On Fri, Sep 22, 2017 at 09:58:15AM +0200, Greg Kroah-Hartman wrote: > > On Thu, Sep 21, 2017 at 03:04:05PM -0400, Alan Stern wrote: > > > On Thu, 21 Sep 2017, Andrey Konovalov wrote: > > > > > > > On Thu, Sep 21, 2017 at 6:10 PM, Greg Kroah-Hartman

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-22 Thread Andrey Konovalov
On Thu, Sep 21, 2017 at 9:04 PM, Alan Stern wrote: > On Thu, 21 Sep 2017, Andrey Konovalov wrote: > >> On Thu, Sep 21, 2017 at 6:10 PM, Greg Kroah-Hartman >> wrote: >> > On Thu, Sep 21, 2017 at 05:39:05PM +0200, Andrey Konovalov wrote: >> >> Hi! >> >> >> >> I've got the following report while fuz

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-22 Thread Greg Kroah-Hartman
On Fri, Sep 22, 2017 at 09:58:15AM +0200, Greg Kroah-Hartman wrote: > On Thu, Sep 21, 2017 at 03:04:05PM -0400, Alan Stern wrote: > > On Thu, 21 Sep 2017, Andrey Konovalov wrote: > > > > > On Thu, Sep 21, 2017 at 6:10 PM, Greg Kroah-Hartman > > > wrote: > > > > On Thu, Sep 21, 2017 at 05:39:05PM

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-22 Thread Greg Kroah-Hartman
On Thu, Sep 21, 2017 at 03:04:05PM -0400, Alan Stern wrote: > On Thu, 21 Sep 2017, Andrey Konovalov wrote: > > > On Thu, Sep 21, 2017 at 6:10 PM, Greg Kroah-Hartman > > wrote: > > > On Thu, Sep 21, 2017 at 05:39:05PM +0200, Andrey Konovalov wrote: > > >> Hi! > > >> > > >> I've got the following r

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-21 Thread Alan Stern
On Thu, 21 Sep 2017, Andrey Konovalov wrote: > On Thu, Sep 21, 2017 at 6:10 PM, Greg Kroah-Hartman > wrote: > > On Thu, Sep 21, 2017 at 05:39:05PM +0200, Andrey Konovalov wrote: > >> Hi! > >> > >> I've got the following report while fuzzing the kernel with syzkaller. > >> > >> On commit ebb2c2437

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-21 Thread Andrey Konovalov
On Thu, Sep 21, 2017 at 6:50 PM, Alan Stern wrote: > On Thu, 21 Sep 2017, Andrey Konovalov wrote: > >> Hi! >> >> I've got the following report while fuzzing the kernel with syzkaller. >> >> On commit ebb2c2437d8008d46796902ff390653822af6cc4 (Sep 18). >> >> The issue occurs when we iterate over int

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-21 Thread Alan Stern
On Thu, 21 Sep 2017, Andrey Konovalov wrote: > Hi! > > I've got the following report while fuzzing the kernel with syzkaller. > > On commit ebb2c2437d8008d46796902ff390653822af6cc4 (Sep 18). > > The issue occurs when we iterate over interface altsettings, but I > don't see the driver doing anyt

Re: usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-21 Thread Greg Kroah-Hartman
On Thu, Sep 21, 2017 at 05:39:05PM +0200, Andrey Konovalov wrote: > Hi! > > I've got the following report while fuzzing the kernel with syzkaller. > > On commit ebb2c2437d8008d46796902ff390653822af6cc4 (Sep 18). > > The issue occurs when we iterate over interface altsettings, but I > don't see t

usb/storage/uas: slab-out-of-bounds in uas_probe

2017-09-21 Thread Andrey Konovalov
Hi! I've got the following report while fuzzing the kernel with syzkaller. On commit ebb2c2437d8008d46796902ff390653822af6cc4 (Sep 18). The issue occurs when we iterate over interface altsettings, but I don't see the driver doing anything wrong. I might be missing something, or this might be an