Konstantin, this looks actively malicious. Can we do something about this list-wise? On Wed, Jun 04, 2025 at 12:38:36PM +0800, Luka wrote: > Dear Kernel Maintainers, > > I am writing to report a potential vulnerability identified in the > upstream Linux Kernel version v6.12, corresponding to the following > commit in the mainline repository: > > Git Commit: adc218676eef25575469234709c2d87185ca223a (tag: v6.12) > > This issue was discovered during the testing of the Android 16 AOSP > kernel, which is based on Linux kernel version 6.12, specifically from > the AOSP kernel branch: > > AOSP kernel branch: android16-6.12 > Manifest path: kernel/common.git > Source URL: https://android.googlesource.com/kernel/common/+/refs/heads/android16-6.12 > > Although this kernel branch is used in Android 16 development, its > base is aligned with the upstream Linux v6.12 release. I observed this > issue while conducting stability and fuzzing tests on the Android 16 > platform and identified that the root cause lies in the upstream > codebase. > > > Bug Location: vfs_rmdir+0x118/0x488 fs/namei.c:4329 > > Bug Report: https://hastebin.com/share/vobatolola.bash > > Entire Log: https://hastebin.com/share/efajodumuh.perl > > > Thank you very much for your time and attention. I sincerely apologize > that I am currently unable to provide a reproducer for this issue. > However, I am actively working on reproducing the problem, and I will > make sure to share any findings or reproducing steps with you as soon > as they are available. > > I greatly appreciate your efforts in maintaining the Linux kernel and > your attention to this matter. > > Best regards, > Luka On Wed, Jun 04, 2025 at 12:21:40PM +0800, Luka wrote: > Dear Kernel Maintainers, > > I am writing to report a potential vulnerability identified in the > upstream Linux Kernel version v6.12, corresponding to the following > commit in the mainline repository: > > Git Commit: adc218676eef25575469234709c2d87185ca223a (tag: v6.12) > > This issue was discovered during the testing of the Android 16 AOSP > kernel, which is based on Linux kernel version 6.12, specifically from > the AOSP kernel branch: > > AOSP kernel branch: android16-6.12 > Manifest path: kernel/common.git > Source URL: https://android.googlesource.com/kernel/common/+/refs/heads/android16-6.12 > > Although this kernel branch is used in Android 16 development, its > base is aligned with the upstream Linux v6.12 release. I observed this > issue while conducting stability and fuzzing tests on the Android 16 > platform and identified that the root cause lies in the upstream > codebase. > > > Bug Location: may_delete+0x72c/0x730 fs/namei.c:3066 > > Bug Report: https://hastebin.com/share/amuhawituy.scss > > Entire Log: https://hastebin.com/share/oponarusih.perl > > > Thank you very much for your time and attention. I sincerely apologize > that I am currently unable to provide a reproducer for this issue. > However, I am actively working on reproducing the problem, and I will > make sure to share any findings or reproducing steps with you as soon > as they are available. > > I greatly appreciate your efforts in maintaining the Linux kernel and > your attention to this matter. > > Best regards, > Luka On Wed, Jun 04, 2025 at 12:12:26PM +0800, Luka wrote: > Dear Kernel Maintainers, > > I am writing to report a potential vulnerability identified in the > upstream Linux Kernel version v6.12, corresponding to the following > commit in the mainline repository: > > Git Commit: adc218676eef25575469234709c2d87185ca223a (tag: v6.12) > > This issue was discovered during the testing of the Android 16 AOSP > kernel, which is based on Linux kernel version 6.12, specifically from > the AOSP kernel branch: > > AOSP kernel branch: android16-6.12 > Manifest path: kernel/common.git > Source URL: https://android.googlesource.com/kernel/common/+/refs/heads/android16-6.12 > > Although this kernel branch is used in Android 16 development, its > base is aligned with the upstream Linux v6.12 release. I observed this > issue while conducting stability and fuzzing tests on the Android 16 > platform and identified that the root cause lies in the upstream > codebase. > > > Bug Location: fs_bdev_sync+0x2c/0x68 fs/super.c:1434 > > Bug Report: https://hastebin.com/share/pihohaniwi.bash > > Entire Log: https://hastebin.com/share/orufevoquj.perl > > > Thank you very much for your time and attention. I sincerely apologize > that I am currently unable to provide a reproducer for this issue. > However, I am actively working on reproducing the problem, and I will > make sure to share any findings or reproducing steps with you as soon > as they are available. > > I greatly appreciate your efforts in maintaining the Linux kernel and > your attention to this matter. > > Best regards, > Luka
