Date
May 15, 2025, 10:38 a.m.
Environment |
---|
qemu-arm64 |
```
[ 18.171528] ==================================================================
[ 18.171621] BUG: KFENCE: use-after-free write in __memset+0xc/0x20
[ 18.171621]
[ 18.171702] Use-after-free write at 0x000000003bfa5165 (in kfence-#58):
[ 18.172196] __memset+0xc/0x20
[ 18.172255] kmalloc_uaf_memset+0x170/0x310
[ 18.172295] kunit_try_run_case+0x170/0x3f0
[ 18.172345] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 18.172393] kthread+0x328/0x630
[ 18.172437] ret_from_fork+0x10/0x20
[ 18.172490]
[ 18.172667] kfence-#58: 0x000000003bfa5165-0x00000000fadb8304, size=33, cache=kmalloc-64
[ 18.172667]
[ 18.172869] allocated by task 186 on cpu 1 at 18.169071s (0.003731s ago):
[ 18.174687] kmalloc_uaf_memset+0xb8/0x310
[ 18.174800] kunit_try_run_case+0x170/0x3f0
[ 18.174896] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 18.175357] kthread+0x328/0x630
[ 18.175456] ret_from_fork+0x10/0x20
[ 18.175650]
[ 18.176584] freed by task 186 on cpu 1 at 18.169150s (0.006943s ago):
[ 18.177931] kmalloc_uaf_memset+0x11c/0x310
[ 18.178007] kunit_try_run_case+0x170/0x3f0
[ 18.178111] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 18.178225] kthread+0x328/0x630
[ 18.178403] ret_from_fork+0x10/0x20
[ 18.178790]
[ 18.179537] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250515 #1 PREEMPT
[ 18.179932] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.180268] Hardware name: linux,dummy-virt (DT)
[ 18.180402] ==================================================================
```