On Wed, Dec 04, 2024 at 05:29:26PM +0800, wzs wrote:

Hello, when fuzzing the Linux kernel 6.7.0, the following crash was triggered.

kernel config : https://pastebin.com/3JeQFdUr console output : https://pastebin.com/9ADtBQtP

Basically, we use gadget module to simulate the connection and interaction process of a USB device (device type code : 0003, vendor id : 046D, product id : C312, serial number : 27B4, with function : input event).

It seems to be caused by a mismatch between the uevent's environmental limit and the buffer size used to receive the uevent, which triggers such kernel warning.

The crash report is as follow: 、、、 [203835.102225] input: wingfuz Keyboard as /devices/platform/dummy_hcd.0/usb3/3-1/3-1:1.0/0003:046D:C312.27B4/input/input5893 [203835.155527] ------------[ cut here ]------------ [203835.155533] add_uevent_var: buffer size too small [203835.162092] WARNING: CPU: 11 PID: 57434 at lib/kobject_uevent.c:671 add_uevent_var+0x2fe/0x390

I think this is already fixed in newer kernel versions. 6.7.0 is very old and obsolete. Can you test this on 6.12.1?

thanks,

greg k-h