[Bug 1920934] Re: Heap-use-after-free in io_writex / cputlb.c results in Linux kernel crashes

2021-03-24 Thread Marco Elver
The config is from 5.12-rc4, and the earliest kernel version that should reproduce this is 5.12-rc1. -- You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1920934 Title: Heap-use-after-free in io_writex /

[Bug 1920934] Re: Heap-use-after-free in io_writex / cputlb.c results in Linux kernel crashes

2021-03-23 Thread Marco Elver
Yes, I have: commit 5ca634afcf83215a9a54ca6e66032325b5ffb5f6 (HEAD -> master, origin/master, origin/HEAD) Merge: c95bd5ff16 cffb446e8f Author: Peter Maydell Date: Mon Mar 22 18:50:25 2021 + Or another branch?

[Bug 1920934] [NEW] Heap-use-after-free in io_writex / cputlb.c results in Linux kernel crashes

2021-03-23 Thread Marco Elver
Public bug reported: qemu version: git 5ca634afcf83215a9a54ca6e66032325b5ffb5f6; 5.2.0 We've encountered that booting the Linux kernel in TCG mode results in a racy heap-use-after-free. The bug can be detected by ASan [A], but in the majority of runs results in a crashing kernel [B]. To

[Qemu-devel] [Bug 1777315] Re: Denial of service

2019-05-06 Thread Marco Elver
FYI: we've hit this as well with syzkaller testing; this is still reproducible as-is with latest qemu (commit a6ae238), and the latest Linux kernel (5.1-rc7).