Date
July 4, 2025, 3:11 p.m.
| Environment | |
|---|---|
| qemu-arm64 |
[ 15.779352] ================================================================== [ 15.779719] BUG: KFENCE: use-after-free read in ksize_uaf+0x1dc/0x5f8 [ 15.779719] [ 15.779794] Use-after-free read at 0x000000008c71b52a (in kfence-#58): [ 15.779979] ksize_uaf+0x1dc/0x5f8 [ 15.780118] kunit_try_run_case+0x170/0x3f0 [ 15.780179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.780224] kthread+0x328/0x630 [ 15.780261] ret_from_fork+0x10/0x20 [ 15.780295] [ 15.780316] kfence-#58: 0x000000008c71b52a-0x000000006f0923f3, size=120, cache=kmalloc-128 [ 15.780316] [ 15.780372] allocated by task 201 on cpu 0 at 15.777781s (0.002586s ago): [ 15.780714] ksize_uaf+0xb8/0x5f8 [ 15.780783] kunit_try_run_case+0x170/0x3f0 [ 15.780904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.781000] kthread+0x328/0x630 [ 15.781374] ret_from_fork+0x10/0x20 [ 15.781468] [ 15.781568] freed by task 201 on cpu 0 at 15.777856s (0.003693s ago): [ 15.781785] ksize_uaf+0x11c/0x5f8 [ 15.781928] kunit_try_run_case+0x170/0x3f0 [ 15.782178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.782274] kthread+0x328/0x630 [ 15.782429] ret_from_fork+0x10/0x20 [ 15.782546] [ 15.782667] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc2 #1 PREEMPT [ 15.782963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.783005] Hardware name: linux,dummy-virt (DT) [ 15.783044] ==================================================================