On Fri, 11 Jan 2019 06:27:35 -0800
Eric Dumazet <eduma...@google.com> wrote:
> Both gue_err() and gue6_err() incorrectly assume
> linear skbs. Fix them to use pskb_may_pull().
>
> BUG: KMSAN: uninit-value in gue6_err+0x475/0xc40 net/ipv6/fou6.c:101
> CPU: 0 PID: 18083 Comm: syz-executor1 Not tainted 5.0.0-rc1+ #7
>
> [...]
>
> Fixes: b8a51b38e4d4 ("fou, fou6: ICMP error handlers for FoU and GUE")
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Reported-by: syzbot <syzkal...@googlegroups.com>
> Cc: Stefano Brivio <sbri...@redhat.com>
> Cc: Sabrina Dubroca <s...@queasysnail.net>
Acked-by: Stefano Brivio <sbri...@redhat.com>
