Date
July 8, 2025, 4:38 p.m.
| Environment | |
|---|---|
| qemu-arm64 |
[ 17.958743] ================================================================== [ 17.958857] BUG: KFENCE: use-after-free read in kmalloc_uaf+0x184/0x338 [ 17.958857] [ 17.958957] Use-after-free read at 0x00000000c4449e63 (in kfence-#57): [ 17.959300] kmalloc_uaf+0x184/0x338 [ 17.959374] kunit_try_run_case+0x170/0x3f0 [ 17.959417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959461] kthread+0x328/0x630 [ 17.959737] ret_from_fork+0x10/0x20 [ 17.959830] [ 17.960001] kfence-#57: 0x0000000088461a91-0x0000000084b154c5, size=10, cache=kmalloc-16 [ 17.960001] [ 17.960219] allocated by task 186 on cpu 1 at 17.957289s (0.002844s ago): [ 17.961484] kmalloc_uaf+0xb8/0x338 [ 17.961567] kunit_try_run_case+0x170/0x3f0 [ 17.961608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.961657] kthread+0x328/0x630 [ 17.961693] ret_from_fork+0x10/0x20 [ 17.962004] [ 17.962386] freed by task 186 on cpu 1 at 17.957367s (0.004864s ago): [ 17.962721] kmalloc_uaf+0x11c/0x338 [ 17.962816] kunit_try_run_case+0x170/0x3f0 [ 17.962866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.963244] kthread+0x328/0x630 [ 17.963319] ret_from_fork+0x10/0x20 [ 17.963531] [ 17.963682] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.6-rc1 #1 PREEMPT [ 17.963784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.963840] Hardware name: linux,dummy-virt (DT) [ 17.963971] ==================================================================