关键漏洞信息 漏洞类型: Slab-out-of-bounds read 受影响函数: 问题描述: 方法通过调用 可能导致崩溃。 上游提交: 94545871aaee6645bd3d0ad4b80b02886b9e2219b 错误日志示例: - BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x902/0xa10 - Read of size 2 at addr ffff8802592f40c by task repro/9805 - CPU: 3 PID: 9805 Comm: repro Not tainted 6.16.0-rc3 #1 PREEMPT(full) - Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 相关调用栈: - dump_stack_lvl+0x10e/0x1f0 - print_report+0xd0/0x660 - ? __virt_addr_valid+0x81/0x610 - ? __phys_addr+0xe8/0x180 - ? hfsplus_uni2asc+0x902/0xa10 - kasan_report+0xc6/0x100 - ? hfsplus_uni2asc+0x902/0xa10 - hfsplus_uni2asc+0x902/0xa10 - ? hfsplus_bnode_read+0x14b/0x360 - hfsplus_readdir+0x845/0xfc0 - ? __pfx_hfsplus_readdir+0x10/0x10 - stack_trace_save+0x8e/0xc0 - ? iterate_dir+0x18b/0xb20 - ? trace_lock_acquire+0x85/0xd0 - ? lock_acquire+0x30/0x80 - ? iterate_dir+0x18b/0xb20 - down_read_killable+0x1ed/0x4c0 - ? putname+0x154/0x1a0 - ? __pfx_down_read_killable+0x10/0x10 - apparmor_file_permission+0x239/0x3e0 - iterate_dir+0x296/0xb20 - __x64_sys_getdents64+0x13c/0x2c0 - ? __pfx___x64_sys_getdents64+0x10/0x10 - __x64_sys_openat+0x141/0x200 - __pfx_filldir64+0x10/0x10 - do_user_addr_fault+0x7fe/0x12f0 - do_syscall_64+0xc9/0x480