On Wed, Apr 18, 2018 at 06:26:41PM +0200, Sergej Schumilo wrote: > Dear all, > The following null pointer dereference bug was found by a modified version of the kAFL fuzzer (https://github.com/RUB-SysSec/kAFL). I have attached the causing hfs filesystem image, the dmesg report and the source code of a simple mounting tool to reproduce this issue. > > A local users who have been granted the privileges necessary to mount filesystems (or a system components which auto mounts filesystems) could trigger a null pointer dereference or a kernel panic (depending on panic_on_oops). I have to say this isn't going to rank very highly in terms of bugs we're likely to spend a lot of time on. Almost nobody uses HFS on Linux, and it has no maintainer. I'd suggest that Ubuntu disables it from their configuration, or if it's important to them, that they contribute somebody's time to working on it. You'd probably get a more interesting response if you fuzzed ext4, btrfs or XFS. Or FAT or iso9660; things people are likely to have an USB keys. There may be a tooling problem here where some filesystems should be whitelisted for automounting. I just don't think you're going to find anyone interested in fixing this.
