Date
July 8, 2025, 7:07 p.m.
| Environment |
|---|
| qemu-arm64 |
```
[ 19.414845] ==================================================================
[ 19.414937] BUG: KFENCE: use-after-free write in __memset+0xc/0x20
[ 19.414937]
[ 19.415423] Use-after-free write at 0x00000000c36ab212 (in kfence-#54):
[ 19.415847] __memset+0xc/0x20
[ 19.416032] kmalloc_uaf_memset+0x170/0x310
[ 19.416141] kunit_try_run_case+0x170/0x3f0
[ 19.416237] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 19.416556] kthread+0x328/0x630
[ 19.416659] ret_from_fork+0x10/0x20
[ 19.416707]
[ 19.417261] kfence-#54: 0x00000000c36ab212-0x0000000041f9e45c, size=33, cache=kmalloc-64
[ 19.417261]
[ 19.417496] allocated by task 186 on cpu 1 at 19.413346s (0.004064s ago):
[ 19.417947] kmalloc_uaf_memset+0xb8/0x310
[ 19.418025] kunit_try_run_case+0x170/0x3f0
[ 19.418067] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 19.418120] kthread+0x328/0x630
[ 19.418166] ret_from_fork+0x10/0x20
[ 19.418282]
[ 19.418414] freed by task 186 on cpu 1 at 19.413407s (0.004913s ago):
[ 19.418565] kmalloc_uaf_memset+0x11c/0x310
[ 19.418604] kunit_try_run_case+0x170/0x3f0
[ 19.418642] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 19.418684] kthread+0x328/0x630
[ 19.418751] ret_from_fork+0x10/0x20
[ 19.419627]
[ 19.420029] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT
[ 19.420492] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.420525] Hardware name: linux,dummy-virt (DT)
[ 19.420885] ==================================================================
```