|
riscv/fixes boot error: can't ssh into the instance (3)
|
|
|
|
207 |
3d04h |
53d
|
25/26 |
never |
f5c12105c15f
mm,page_owner: fix refcount imbalance
|
|
upstream boot error: can't ssh into the instance (16)
|
|
|
|
415 |
79d |
132d
|
26/26 |
56d |
f6564fce256a
mm, kmsan: fix infinite recursion due to RCU critical section
|
|
riscv/fixes boot error: failed to read from qemu: EOF
|
|
|
|
54 |
165d |
174d
|
26/26 |
109d |
420370f3ae3d
riscv: Check if the code to patch lies in the exit section
|
|
KASAN: use-after-free Read in j1939_session_get_by_addr
|
C |
done |
error |
66 |
1646d |
1658d
|
25/26 |
129d |
d966635b384b
can: j1939: transport: make sure the aborted session will be deactivated only once
|
|
riscv/fixes boot error: can't ssh into the instance (2)
|
|
|
|
109 |
348d |
354d
|
23/26 |
321d |
25abe0db9243
riscv: Fix kfence now that the linear mapping can be backed by PUD/P4D/PGD
|
|
kernel BUG in vmf_insert_pfn_prot
|
C |
done |
done |
1933 |
372d |
976d
|
22/26 |
341d |
a5b44c4adb16
drm/fbdev-generic: Always use shadow buffering
|
|
unregister_netdevice: waiting for DEV to become free (7)
|
C |
inconclusive |
|
20422 |
347d |
549d
|
22/26 |
347d |
266e9b3475ba
RDMA/siw: Remove namespace check from siw_netdev_event()
|
|
INFO: task hung in tcindex_partial_destroy_work
|
C |
done |
unreliable |
84 |
1194d |
1330d
|
22/26 |
347d |
8c710f75256b
net/sched: Retire tcindex classifier
|
|
WARNING: fbcon: Driver 'vkmsdrmfb' missed to adjust virtual screen size (0x0 vs. 64x768)
|
C |
unreliable |
error |
24 |
680d |
679d
|
22/26 |
347d |
1935f0deb611
drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
|
|
WARNING: can't access registers at entry_SYSCALL_64_after_hwframe
|
C |
|
|
15 |
454d |
459d
|
22/26 |
347d |
00c8f01c4e84
objtool: Fix ORC 'signal' propagation
|
|
WARNING in j1939_xtp_rx_abort_one
|
C |
done |
|
379 |
483d |
1020d
|
22/26 |
347d |
d0553680f94c
can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
|
|
upstream-arm64 build error
|
|
|
|
11 |
455d |
458d
|
22/26 |
347d |
d54170812ef1
arm64: fix .idmap.text assertion for large kernels
|
|
WARNING in submit_bio_checks
|
C |
done |
unreliable |
1851 |
790d |
1409d
|
22/26 |
399d |
57e95e4670d1
block: fix and cleanup bio_check_ro
|
|
KASAN: use-after-free Read in hci_cmd_timeout
|
C |
done |
error |
371 |
528d |
1840d
|
22/26 |
404d |
97dfaf073f58
Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
|
|
WARNING in __dev_queue_xmit
|
C |
done |
|
16774 |
451d |
665d
|
22/26 |
451d |
dc633700f00f
net/af_packet: check len when min_header_len equals to 0
b12e924a2f5b
net/ieee802154: don't warn zero-sized raw_sendmsg()
3a4d061c699b
net/ieee802154: reject zero-sized raw_sendmsg()
|
|
INFO: task hung in addrconf_verify_work (6)
|
C |
done |
|
86 |
455d |
692d
|
22/26 |
451d |
ff1fa2081d17
net: tun: avoid disabling NAPI twice
|
|
KASAN: use-after-free Read in drm_gem_object_release_handle
|
C |
done |
|
362 |
532d |
916d
|
22/26 |
451d |
24013314be6e
drm/shmem-helper: Remove errant put in error path
|
|
KASAN: slab-out-of-bounds Read in vxlan_vnifilter_dump_dev
|
C |
done |
|
30 |
781d |
782d
|
22/26 |
451d |
9d570741aec1
vxlan: do not feed vxlan_vnifilter_dump_dev with non vxlan devices
|
|
WARNING in bpf_check (3)
|
C |
done |
done |
1736 |
596d |
1530d
|
22/26 |
451d |
34dd3bad1a6f
bpf: Relax the requirement to use preallocated hash maps in tracing progs.
|
|
BUG: sleeping function called from invalid context in static_key_slow_inc
|
C |
done |
|
82 |
538d |
550d
|
22/26 |
451d |
af295e854a4e
l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
|
|
KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (2)
|
C |
done |
|
48810 |
648d |
1281d
|
22/26 |
451d |
0ac4827f78c7
ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
|
|
KASAN: use-after-free Read in madvise_update_vma
|
C |
done |
|
38 |
815d |
833d
|
22/26 |
451d |
942341dcc574
mm: fix use-after-free when anon vma name is used after vma is freed
|
|
BUG: sleeping function called from invalid context in sk_psock_stop
|
C |
done |
|
232 |
652d |
710d
|
22/26 |
451d |
697fb80a5364
bpf: Fix sockmap calling sleepable function in teardown path
|
|
WARNING in __dma_map_sg_attrs
|
C |
inconclusive |
|
65 |
651d |
901d
|
22/26 |
451d |
9e9fa6a9198b
udmabuf: Set the DMA mask for the udmabuf device (v2)
|
|
possible deadlock in p9_req_put
|
C |
done |
|
2815 |
561d |
651d
|
22/26 |
451d |
52f1c45dde91
9p: trans_fd/p9_conn_cancel: drop client lock earlier
|
|
WARNING in pskb_expand_head
|
C |
done |
done |
222 |
565d |
1212d
|
22/26 |
451d |
dbae2b062824
net: skb: introduce and use a single page frag cache
|
|
KASAN: use-after-free Read in __kernfs_remove
|
C |
done |
|
3985 |
590d |
634d
|
22/26 |
451d |
4abc99652812
kernfs: fix use-after-free in __kernfs_remove
|
|
INFO: task hung in synchronize_rcu (3)
|
C |
done |
done |
374 |
460d |
1398d
|
22/26 |
451d |
2d08935682ac
KVM: x86: Don't re-acquire SRCU lock in complete_emulated_io()
|
|
WARNING: suspicious RCU usage (5)
|
C |
done |
|
1 |
707d |
703d
|
20/26 |
696d |
f4e61f0c9add
x86/kvm: Fix broken irq restoration in kvm_wait
|
|
WARNING in drm_gem_shmem_vm_open
|
syz |
done |
done |
38 |
870d |
1005d
|
20/26 |
738d |
0499f419b76f
video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
|
|
INFO: task hung in usb_get_descriptor
|
C |
done |
done |
4149 |
800d |
1322d
|
20/26 |
738d |
363eaa3a450a
usbip: synchronize event handler with sysfs code paths
|
|
WARNING in cgroup_finalize_control
|
syz |
done |
done |
9 |
942d |
1470d
|
20/26 |
804d |
7ee285395b21
cgroup: Make rebind_subsystems() disable v2 controllers all at once
|
|
WARNING in ref_tracker_dir_exit
|
C |
done |
|
16271 |
860d |
889d
|
20/26 |
804d |
34ac17ecbf57
ethtool: use ethnl_parse_header_dev_put()
|
|
WARNING in sta_info_insert_rcu
|
C |
done |
done |
2533 |
897d |
1334d
|
20/26 |
804d |
a6555f844549
mac80211: Drop frames from invalid MAC address in ad-hoc mode
|
|
WARNING in loop_add
|
C |
done |
error |
64 |
919d |
1733d
|
20/26 |
804d |
278167fd2f8f
block: add __must_check for *add_disk*() callers
|
|
kernel BUG at net/core/dev.c:LINE! (4)
|
C |
done |
done |
432 |
887d |
1275d
|
20/26 |
804d |
f123cffdd8fe
net: netlink: af_netlink: Prevent empty skb by adding a check on len.
|
|
WARNING in bpf_warn_invalid_xdp_action
|
C |
done |
done |
8941 |
860d |
1580d
|
20/26 |
804d |
2cbad989033b
bpf: Do not WARN in bpf_warn_invalid_xdp_action()
|
|
unregister_netdevice: waiting for DEV to become free (6)
|
C |
error |
|
13128 |
804d |
923d
|
20/26 |
804d |
34ac17ecbf57
ethtool: use ethnl_parse_header_dev_put()
|
|
BUG: unable to handle kernel NULL pointer dereference in bpf
|
C |
done |
|
753 |
861d |
933d
|
20/26 |
804d |
ad10c381d133
bpf: Add missing map_delete_elem method to bloom filter map
|
|
unregister_netdevice: waiting for DEV to become free (5)
|
C |
done |
|
40035 |
923d |
1168d
|
20/26 |
923d |
0d7a7b2014b1
ipv6: remove extra dev_hold() for fallback tunnels
|
|
WARNING in taprio_change
|
C |
done |
|
746 |
1108d |
1344d
|
20/26 |
923d |
ed8157f1ebf1
net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
|
|
WARNING in netlbl_cipsov4_add
|
C |
inconclusive |
|
4433 |
986d |
1185d
|
20/26 |
923d |
8ca34a13f7f9
net: cipso: fix warnings in netlbl_cipsov4_add_std
|
|
WARNING in cfg80211_connect
|
C |
done |
|
2320 |
1136d |
1327d
|
20/26 |
923d |
1b5ab825d9ac
cfg80211: remove WARN_ON() in cfg80211_sme_connect
|
|
BUG: unable to handle kernel paging request in corrupted (3)
|
C |
done |
|
45 |
931d |
1099d
|
20/26 |
923d |
7a274727702c
io_uring: don't modify req->poll for rw
|
|
possible deadlock in loop_probe
|
C |
done |
|
20656 |
1044d |
1069d
|
20/26 |
923d |
962bf783ef65
mtd: break circular locks in register_mtd_blktrans
|
|
linux-next build error (12)
|
|
|
|
63 |
1049d |
1148d
|
20/26 |
923d |
7aae231ac93b
bpf: tcp: Limit calling some tcp cc functions to CONFIG_DYNAMIC_FTRACE
|
|
WARNING: suspicious RCU usage in bond_ipsec_add_sa (2)
|
C |
done |
|
540 |
1050d |
1337d
|
20/26 |
923d |
b648eba4c69e
bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
|
|
linux-next test error: unregister_netdevice: waiting for DEV to become free
|
|
|
|
2 |
1146d |
1146d
|
20/26 |
923d |
0d7a7b2014b1
ipv6: remove extra dev_hold() for fallback tunnels
|
|
KASAN: slab-out-of-bounds Read in qrtr_endpoint_post (2)
|
C |
done |
|
41 |
1024d |
1389d
|
20/26 |
923d |
ad9d24c9429e
net: qrtr: fix OOB Read in qrtr_endpoint_post
|
|
net-next test error: unregister_netdevice: waiting for DEV to become free
|
|
|
|
18 |
1146d |
1147d
|
20/26 |
923d |
0d7a7b2014b1
ipv6: remove extra dev_hold() for fallback tunnels
|
|
BUG: MAX_LOCKDEP_ENTRIES too low!
|
C |
done |
|
179076 |
1108d |
1799d
|
20/26 |
923d |
5dc33592e955
lockdep: Allow tuning tracing capacity constants.
|
|
possible deadlock in del_gendisk
|
C |
done |
|
158215 |
986d |
1133d
|
20/26 |
923d |
990e78116d38
block: loop: fix deadlock between open and remove
|
|
memory leak in rds_send_probe
|
C |
done |
|
27 |
1220d |
1763d
|
20/26 |
923d |
49bfcbfd989a
net: rds: fix memory leak in rds_recvmsg
|
|
WARNING: still has locks held in io_sq_thread
|
C |
done |
|
8689 |
1135d |
1148d
|
20/26 |
923d |
82734c5b1b24
io_uring: drop sqd lock before handling signals for SQPOLL
|
|
memory leak in h4_recv_buf
|
C |
done |
|
21 |
1032d |
1792d
|
20/26 |
923d |
bb2853a6a421
tty: Fix data race between tiocsti() and flush_to_ldisc()
|
|
WARNING in sta_info_alloc
|
C |
done |
done |
145 |
1069d |
1322d
|
20/26 |
923d |
0ee4d55534f8
mac80211: remove warning in ieee80211_get_sband()
|
|
WARNING: ODEBUG bug in cancel_delayed_work
|
C |
done |
|
3384 |
939d |
1389d
|
20/26 |
923d |
3a9d54b1947e
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
|
|
possible deadlock in console_lock_spinning_enable
|
C |
done |
|
1693 |
923d |
1796d
|
20/26 |
923d |
c0070e1e6027
ttyprintk: Add TTY hangup callback.
|
|
WARNING in hsr_forward_skb
|
C |
done |
done |
1310 |
1137d |
1965d
|
20/26 |
923d |
9d6803921a16
net: hsr: Reset MAC header for Tx path
|
|
INFO: task hung in hub_port_init
|
C |
done |
|
15888 |
923d |
1322d
|
20/26 |
923d |
258c81b341c8
usbip: give back URBs for unsent unlink requests during cleanup
|
|
net-next build error (3)
|
|
|
|
7 |
1201d |
1198d
|
20/26 |
1137d |
9c97921a51a0
net: fix building errors on powerpc when CONFIG_RETPOLINE is not set
|
|
INFO: task hung in addrconf_verify_work (4)
|
C |
done |
|
132 |
1185d |
1273d
|
20/26 |
1137d |
d349f9976868
net_sched: fix RTNL deadlock again caused by request_module()
|
|
general protection fault in rose_send_frame
|
C |
done |
done |
664 |
1277d |
1957d
|
19/26 |
1168d |
3b3fd068c56e
rose: Fix Null pointer dereference in rose_send_frame()
|
|
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected (2)
|
C |
done |
|
640 |
1232d |
1349d
|
19/26 |
1168d |
8d1ddb5e7937
fcntl: Fix potential deadlock in send_sig{io, urg}()
|
|
WARNING: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
|
|
|
|
2 |
1281d |
1276d
|
19/26 |
1168d |
dc889b8d4a81
bfs: don't use WARNING: string when it's just info.
|
|
KASAN: null-ptr-deref Write in bdi_put
|
C |
done |
done |
601 |
1224d |
1258d
|
19/26 |
1168d |
2d2f6f1b4799
block: pre-initialize struct block_device in bdev_alloc_inode
|
|
kernel BUG at net/core/skbuff.c:LINE! (3)
|
C |
done |
|
4399 |
1183d |
2300d
|
19/26 |
1168d |
afbc293add64
af_key: relax availability checks for skb size calculation
|
|
unregister_netdevice: waiting for DEV to become free (4)
|
C |
done |
|
50394 |
1168d |
1370d
|
19/26 |
1168d |
5399d52233c4
rxrpc: Fix deadlock around release of dst cached on udp tunnel
|
|
WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway
|
|
|
|
2 |
1274d |
1270d
|
19/26 |
1168d |
dc889b8d4a81
bfs: don't use WARNING: string when it's just info.
|
|
WARNING: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway
|
|
|
|
4 |
1281d |
1330d
|
19/26 |
1168d |
dc889b8d4a81
bfs: don't use WARNING: string when it's just info.
|
|
general protection fault in call_commit_handler
|
C |
done |
|
428 |
1224d |
1305d
|
19/26 |
1168d |
5122565188ba
wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
|
|
WARNING: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway
|
|
|
|
3 |
1266d |
1334d
|
19/26 |
1168d |
dc889b8d4a81
bfs: don't use WARNING: string when it's just info.
|
|
WARNING: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway
|
|
|
|
3 |
1281d |
1276d
|
19/26 |
1168d |
dc889b8d4a81
bfs: don't use WARNING: string when it's just info.
|
|
upstream build error (11)
|
|
|
|
25 |
1224d |
1300d
|
15/26 |
1224d |
f78f63da916e
mm/process_vm_access: Add missing #include <linux/compat.h>
|
|
BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low!
|
C |
done |
error |
25236 |
1462d |
1902d
|
15/26 |
1258d |
1a33e10e4a95
net: partially revert dynamic lockdep key changes
|
|
BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
|
C |
done |
|
502745 |
1283d |
1315d
|
15/26 |
1281d |
f8e48a3dca06
lockdep: Fix preemption WARN for spurious IRQ-enable
|
|
INFO: trying to register non-static key in uhid_char_release
|
C |
done |
done |
26 |
1358d |
1535d
|
15/26 |
1281d |
bce1305c0ece
HID: core: Correctly handle ReportSize being zero
|
|
kernel panic: Fatal exception (3)
|
C |
done |
|
2 |
1315d |
1314d
|
15/26 |
1281d |
eadd1befdd77
netem: fix zero division in tabledist
|
|
WARNING in print_bfs_bug
|
C |
done |
|
14759 |
1313d |
1665d
|
15/26 |
1281d |
6d1823ccc480
lockdep: Optimize the memory usage of circular queue
|
|
INFO: task hung in io_uring_setup
|
C |
done |
|
51 |
1350d |
1355d
|
15/26 |
1281d |
7e84e1c7566a
io_uring: allow disabling rings during the creation
|
|
INFO: task hung in addrconf_verify_work (3)
|
C |
done |
|
75 |
1294d |
1329d
|
15/26 |
1281d |
0fedc63fadf0
net_sched: commit action insertions together
|
|
WARNING: ODEBUG bug in exit_to_user_mode_prepare
|
C |
done |
done |
27 |
1355d |
1361d
|
15/26 |
1281d |
77f4689de17c
fix regression in "epoll: Keep a reference on files added to the check list"
|
|
possible deadlock in _snd_pcm_stream_lock_irqsave
|
C |
done |
|
997 |
1312d |
1349d
|
15/26 |
1281d |
6564d0ad67ef
ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock
|
|
WARNING in percpu_ref_exit (2)
|
C |
done |
done |
272 |
1317d |
1612d
|
15/26 |
1281d |
c1e2148f8ecb
io_uring: free fixed_file_data after RCU grace period
|
|
bpf-next test error: BUG: program execution failed: executor 0: exit status 67
|
|
|
|
12 |
1313d |
1313d
|
15/26 |
1281d |
d25e2e9388ed
netfilter: restore NF_INET_NUMHOOKS
|
|
INFO: task hung in htable_put
|
C |
done |
done |
29 |
1553d |
1607d
|
15/26 |
1281d |
99b79c3900d4
netfilter: xt_hashlimit: unregister proc file before releasing mutex
|
|
WARNING: refcount bug in l2cap_chan_put
|
C |
inconclusive |
done |
13 |
1383d |
1547d
|
15/26 |
1281d |
b83764f9220a
Bluetooth: Fix kernel oops triggered by hci_adv_monitors_clear()
|
|
KASAN: global-out-of-bounds Read in vga16fb_imageblit
|
C |
done |
|
1071 |
1345d |
1630d
|
15/26 |
1319d |
bd018a6a75ce
video: fbdev: fix OOB read in vga_8planes_imageblit()
|
|
INFO: rcu detected stall in ext4_file_write_iter
|
C |
inconclusive |
done |
93 |
1378d |
1910d
|
15/26 |
1334d |
7e24969022cb
block: allow for_each_bvec to support zero len bvec
|
|
WARNING in restore_regulatory_settings
|
C |
done |
|
10414 |
1352d |
1596d
|
15/26 |
1334d |
47caf685a685
cfg80211: regulatory: reject invalid hints
|
|
kernel BUG at mm/hugetlb.c:LINE!
|
C |
done |
error |
10 |
1392d |
1505d
|
15/26 |
1342d |
15568299b7d9
hugetlbfs: prevent filesystem stacking of hugetlbfs
|
|
WARNING in ptrace_stop
|
C |
done |
|
1413 |
1393d |
1397d
|
15/26 |
1342d |
d136122f5845
sched: Fix race against ptrace_freeze_trace()
|
|
general protection fault in do_con_write
|
C |
done |
|
10703 |
1394d |
1629d
|
15/26 |
1342d |
ce684552a266
vt: Reject zero-sized screen buffer size.
|
|
WARNING in inc_nlink
|
C |
done |
|
26 |
1408d |
1511d
|
15/26 |
1342d |
facb03dddec0
fs/minix: don't allow getting deleted inodes
|
|
KASAN: use-after-free Read in get_block
|
C |
done |
|
23 |
1408d |
1485d
|
15/26 |
1342d |
270ef41094e9
fs/minix: reject too-large maximum file size
|
|
KASAN: use-after-free Read in l2cap_chan_close
|
C |
done |
|
37 |
1383d |
1564d
|
15/26 |
1342d |
f9c70bdc279b
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
|
|
WARNING in vkms_vblank_simulate
|
C |
done |
|
12903 |
1348d |
1925d
|
15/26 |
1342d |
51f644b40b4b
drm/atomic-helper: reset vblank on crtc reset
|
|
WARNING in hsr_addr_subst_dest
|
C |
done |
done |
8639 |
1508d |
1965d
|
15/26 |
1371d |
4b793acdca00
hsr: use netdev_err() instead of WARN_ONCE()
|
|
BUG: unable to handle kernel paging request in netif_receive_generic_xdp
|
C |
done |
done |
160 |
1447d |
1583d
|
15/26 |
1393d |
96aa1b22bd6b
tun: correct header offsets in napi frags mode
|
|
BUG: using smp_processor_id() in preemptible [ADDR] code: syz-executor
|
C |
done |
|
22297 |
1448d |
1787d
|
15/26 |
1403d |
1378817486d6
tipc: block BH before using dst_cache
|
|
KASAN: null-ptr-deref Write in choke_reset
|
C |
done |
|
1441 |
1459d |
1492d
|
15/26 |
1403d |
8738c85c72b3
sch_choke: avoid potential panic in choke_reset()
|
|
WARNING in memtype_reserve
|
C |
done |
|
600 |
1464d |
1472d
|
15/26 |
1403d |
a0e710a7def4
USB: usbfs: fix mmap dma mismatch
|
|
BUG: unable to handle kernel paging request in do_xdp_generic
|
C |
done |
done |
7444 |
1477d |
1583d
|
15/26 |
1403d |
96aa1b22bd6b
tun: correct header offsets in napi frags mode
|
|
INFO: task syz-executor can't die for more than 143 seconds. (2)
|
C |
done |
|
2512 |
1404d |
1671d
|
15/26 |
1403d |
566d136289dc
pipe: Fix pipe_full() test in opipe_prep().
|
|
net-next test error: BUG: using smp_processor_id() in preemptible code in corrupted
|
|
|
|
4 |
1436d |
1438d
|
15/26 |
1403d |
811985365378
ext4: mballoc: Use this_cpu_read instead of this_cpu_ptr
|
|
net test error: BUG: using smp_processor_id() in preemptible code in corrupted
|
|
|
|
3 |
1434d |
1436d
|
15/26 |
1403d |
811985365378
ext4: mballoc: Use this_cpu_read instead of this_cpu_ptr
|
|
memory leak in bio_copy_user_iov
|
C |
done |
|
34 |
1613d |
1798d
|
15/26 |
1420d |
3b7995a98ad7
block: fix memleak when __blk_rq_map_user_iov() is failed
|
|
KASAN: slab-out-of-bounds Write in tcindex_set_parms
|
C |
done |
|
10 |
1513d |
1534d
|
15/26 |
1471d |
0d1c3530e1bd
net_sched: keep alloc_hash updated after hash allocation
|
|
WARNING: bad unlock balance in ucma_event_handler
|
C |
done |
|
143 |
1504d |
2168d
|
15/26 |
1471d |
7c11910783a1
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
|
WARNING: bad unlock balance in ucma_destroy_id
|
syz |
done |
|
44 |
1538d |
2092d
|
15/26 |
1471d |
7c11910783a1
RDMA/ucma: Put a lock around every call to the rdma_cm layer
|
|
possible deadlock in free_ioctx_users (2)
|
C |
done |
|
44 |
1501d |
1508d
|
15/26 |
1471d |
63f818f46af9
proc: Use a dedicated lock in struct pid
|
|
WARNING: ODEBUG bug in route4_change
|
C |
done |
|
68 |
1508d |
1532d
|
15/26 |
1471d |
ef299cc3fa1a
net_sched: cls_route: remove the right filter from hashtable
|
|
KASAN: use-after-free Write in release_tty
|
C |
done |
|
591 |
1508d |
1630d
|
15/26 |
1471d |
ca4463bf8438
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
|
|
INFO: task hung in hashlimit_mt_check_common
|
C |
done |
|
20 |
1552d |
1592d
|
15/26 |
1496d |
8d0015a7ab76
netfilter: xt_hashlimit: limit the max size of hashtable
c4a3922d2d20
netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put()
|
|
memory leak in dma_buf_ioctl
|
C |
done |
|
129 |
1546d |
1762d
|
15/26 |
1496d |
d1f37226431f
dma-buf: free dmabuf->name in dma_buf_release()
|
|
KASAN: use-after-free Read in n_tty_receive_buf_common
|
C |
done |
|
68 |
1551d |
1627d
|
15/26 |
1496d |
07e6124a1a46
vt: selection, close sel_buffer race
|
|
general protection fault in nf_flow_table_offload_setup
|
C |
done |
done |
835 |
1550d |
1583d
|
15/26 |
1496d |
a7da92c2c8a1
netfilter: flowtable: skip offload setup if disabled
|
|
KASAN: use-after-free Read in find_match
|
C |
done |
|
142 |
1549d |
1556d
|
15/26 |
1496d |
44bfa9c5e5f0
net: rtnetlink: fix bugs in rtnl_alt_ifname()
|
|
unregister_netdevice: waiting for DEV to become free (3)
|
C |
|
|
1864 |
1496d |
1557d
|
15/26 |
1496d |
e34f1753eebc
ethtool: limit bitset size
|
|
BUG: corrupted list in __nf_tables_abort
|
C |
done |
done |
29 |
1577d |
1584d
|
15/26 |
1525d |
eb014de4fd41
netfilter: nf_tables: autoload modules from the abort path
|
|
KASAN: slab-out-of-bounds Read in bitmap_ipmac_gc
|
C |
done |
done |
70 |
1566d |
1582d
|
15/26 |
1525d |
32c72165dbd0
netfilter: ipset: use bitmap infrastructure completely
|
|
possible deadlock in wg_set_device
|
C |
done |
|
33 |
1563d |
1568d
|
15/26 |
1531d |
ec31c2676a10
wireguard: noise: reject peers with low order public keys
|
|
memory leak in kobject_set_name_vargs (2)
|
C |
done |
|
47 |
1578d |
1763d
|
15/26 |
1553d |
cb626bf566eb
net-sysfs: Fix reference count leak
|
|
KASAN: slab-out-of-bounds Read in bitmap_port_gc
|
C |
done |
|
197 |
1567d |
1584d
|
15/26 |
1553d |
32c72165dbd0
netfilter: ipset: use bitmap infrastructure completely
|
|
KASAN: slab-out-of-bounds Read in bitmap_ipmac_list
|
C |
done |
|
108 |
1569d |
1584d
|
15/26 |
1553d |
32c72165dbd0
netfilter: ipset: use bitmap infrastructure completely
|
|
WARNING: refcount bug in cdev_get
|
C |
done |
|
105 |
1595d |
1735d
|
15/26 |
1553d |
68faa679b8be
chardev: Avoid potential use-after-free in 'chrdev_open()'
|
|
inconsistent lock state in rxrpc_put_client_conn
|
C |
done |
|
18198 |
1562d |
1568d
|
15/26 |
1553d |
963485d436cc
rxrpc: Fix call RCU cleanup using non-bh-safe locks
|
|
unregister_netdevice: waiting for DEV to become free (2)
|
C |
done |
|
385621 |
1558d |
2105d
|
15/26 |
1558d |
ddd9b5e3e765
net-sysfs: Call dev_hold always in rx_queue_add_kobject
|
|
general protection fault in j1939_sk_bind
|
syz |
done |
done |
22 |
1632d |
1658d
|
15/26 |
1558d |
00d4e14d2e4c
can: j1939: j1939_sk_bind(): take priv after lock is held
|
|
possible deadlock in mon_bin_vma_fault
|
C |
done |
|
11427 |
1619d |
2086d
|
15/26 |
1558d |
19e6317d24c2
usb: mon: Fix a deadlock in usbmon between mmap and read
|
|
BUG: Bad rss-counter state (3)
|
C |
unreliable |
done |
438 |
1757d |
2223d
|
15/26 |
1571d |
173d9d9fd3dd
mm/huge_memory: splitting set mapping+index before unfreeze
|
|
possible deadlock in flush_workqueue (2)
|
C |
done |
done |
256 |
1606d |
2039d
|
15/26 |
1571d |
e7c58097793e
hugetlbfs: revert "Use i_mmap_rwsem to fix page fault/truncate race"
|
|
KASAN: use-after-free Read in __queue_work (2)
|
C |
done |
done |
577 |
1789d |
2142d
|
15/26 |
1595d |
430ac66eb4c5
net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
|
|
KASAN: slab-out-of-bounds Write in pipe_write
|
C |
done |
|
40 |
1626d |
1631d
|
15/26 |
1595d |
8f868d68d335
pipe: Fix missing mask update after pipe_wait()
|
|
WARNING in tty_set_termios
|
C |
done |
done |
1997 |
1754d |
1954d
|
15/26 |
1595d |
b36a1552d731
Bluetooth: hci_uart: check for missing tty operations
|
|
general protection fault in j1939_jsk_del
|
syz |
done |
|
132 |
1634d |
1658d
|
14/26 |
1634d |
fd81ebfe7975
can: j1939: socket: rework socket locking for j1939_sk_release() and j1939_sk_sendmsg()
|
|
INFO: task hung in synchronize_rcu
|
syz |
done |
|
1206 |
1634d |
1660d
|
14/26 |
1634d |
8a44119a98be
KVM: Fix NULL-ptr deref after kvm_create_vm fails
|
|
WARNING: suspicious RCU usage in kvm_dev_ioctl
|
C |
done |
|
333 |
1650d |
1661d
|
14/26 |
1634d |
e2d3fcaf939d
KVM: fix placement of refcount initialization
|
|
INFO: task hung in mpage_prepare_extent_to_map
|
syz |
done |
|
18606 |
1658d |
1666d
|
14/26 |
1634d |
4655e5e5f387
mm,thp: recheck each page before collapsing file THP
|
|
WARNING in generic_make_request_checks
|
C |
done |
|
7760 |
1635d |
2111d
|
13/26 |
1635d |
8b2ded1c94c0
block: don't warn when doing fsync on read-only devices
|
|
memory leak in copy_net_ns
|
C |
done |
|
422 |
1662d |
1700d
|
13/26 |
1640d |
82ecff655e79
keys: Fix memory leak in copy_net_ns
|
|
general protection fault in kernfs_add_one
|
C |
done |
|
98 |
1749d |
2073d
|
13/26 |
1641d |
ac43432cb1f5
driver core: Fix use-after-free and double free on glue directory
|
|
WARNING in kernfs_get
|
C |
done |
|
316 |
1751d |
2079d
|
13/26 |
1643d |
ac43432cb1f5
driver core: Fix use-after-free and double free on glue directory
|
|
INFO: task hung in vivid_stop_generating_vid_cap
|
C |
done |
done |
81 |
2027d |
2030d
|
13/26 |
1652d |
d65842f7126a
media: vb2: add waiting_in_dqbuf flag
|
|
memory leak in llc_ui_create (2)
|
C |
done |
|
19 |
1675d |
1795d
|
13/26 |
1659d |
c6ee11c39fcc
llc: fix sk_buff leak in llc_sap_state_process()
|
|
BUG: assuming atomic context at net/kcm/kcmsock.c:LINE
|
C |
done |
|
178 |
1695d |
1701d
|
13/26 |
1679d |
0355d6c1d591
net-backports: kcm: disable preemption in kcm_parse_func_strparser()
|
|
WARNING: suspicious RCU usage in netem_enqueue
|
C |
done |
|
16 |
1697d |
1711d
|
13/26 |
1679d |
159d2c7d8106
net-backports: sch_netem: fix rcu splat in netem_enqueue()
|
|
general protection fault in __apic_accept_irq
|
C |
done |
|
69 |
1707d |
1719d
|
13/26 |
1679d |
a073d7e3ad68
KVM: hyperv: Fix Direct Synthetic timers assert an interrupt w/o lapic_in_kernel
|
|
BUG: MAX_STACK_TRACE_ENTRIES too low! (2)
|
C |
done |
|
5045 |
1711d |
1879d
|
13/26 |
1679d |
12593b7467f9
locking/lockdep: Reduce space occupied by stack traces
|
|
general protection fault in qdisc_put
|
C |
done |
|
60 |
1706d |
1716d
|
13/26 |
1679d |
6efb971ba8ed
net_sched: let qdisc_put() accept NULL pointer
|
|
INFO: rcu detected stall in addrconf_dad_work
|
C |
done |
|
126 |
1709d |
1714d
|
13/26 |
1685d |
d4d6ec6dac07
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
|
INFO: rcu detected stall in br_handle_frame
|
C |
done |
|
341 |
1708d |
1714d
|
13/26 |
1685d |
d4d6ec6dac07
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
|
INFO: rcu detected stall in mld_ifc_timer_expire
|
C |
done |
|
152 |
1709d |
1716d
|
13/26 |
1685d |
d4d6ec6dac07
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
|
INFO: rcu detected stall in netlink_sendmsg (2)
|
C |
done |
|
11 |
1709d |
1715d
|
13/26 |
1685d |
d4d6ec6dac07
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
|
|
WARNING: refcount bug in nr_insert_socket
|
C |
done |
|
55 |
1752d |
1777d
|
13/26 |
1690d |
4638faac0327
netrom: hold sock when setting skb->destructor
|
|
KASAN: null-ptr-deref Write in rxrpc_unuse_local
|
C |
done |
|
4422 |
1742d |
1746d
|
12/26 |
1718d |
68553f1a6f74
rxrpc: Fix local refcounting
|
|
WARNING in smc_unhash_sk (2)
|
C |
done |
|
1047 |
1728d |
1864d
|
12/26 |
1728d |
cd2063604ea6
net/smc: avoid fallback in case of non-blocking connect
|
|
KASAN: slab-out-of-bounds Read in class_equal
|
syz |
done |
|
45 |
1749d |
1822d
|
12/26 |
1728d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
general protection fault in tcf_ife_init
|
C |
done |
|
72 |
1750d |
1764d
|
12/26 |
1728d |
c8ec4632c6ac
ife: error out when nla attributes are empty
|
|
general protection fault in tls_sk_proto_close
|
syz |
done |
|
260 |
1728d |
1760d
|
12/26 |
1728d |
5d92e631b8be
net/tls: partially revert fix transition through disconnect with close
|
|
WARNING in debug_check_no_obj_freed
|
C |
done |
|
47 |
1728d |
1796d
|
12/26 |
1728d |
f9cedf1a9b1c
net/smc: do not schedule tx_work in SMC_CLOSED state
|
|
BUG: unable to handle kernel NULL pointer dereference in corrupted (4)
|
syz |
done |
done |
1 |
1791d |
1791d
|
12/26 |
1728d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
kernel panic: corrupted stack end in corrupted
|
syz |
done |
|
17 |
1749d |
1796d
|
12/26 |
1728d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
|
WARNING in __mark_chain_precision
|
C |
done |
|
105 |
1742d |
1778d
|
12/26 |
1742d |
b3b50f05dc50
bpf: fix precision bit propagation for BPF_ST instructions
|
|
kernel BUG at drivers/android/binder_alloc.c:LINE! (4)
|
C |
done |
|
26 |
1790d |
1798d
|
12/26 |
1750d |
bb4a2e48d510
binder: return errors from buffer copy functions
|
|
general protection fault in ovs_ct_exit
|
C |
done |
|
9888 |
1792d |
1797d
|
12/26 |
1750d |
b272a0ad7301
netns: restore ops before calling ops_exit_list
|
|
possible deadlock in userfaultfd_release
|
C |
done |
|
137 |
1789d |
2032d
|
12/26 |
1757d |
cbcfa130a911
fs/userfaultfd.c: disable irqs for fault_pending and event locks
|
|
WARNING: syz-executor still has locks held!
|
C |
done |
|
233 |
1993d |
2004d
|
12/26 |
1762d |
a72173ecfc67
Revert "exec: make de_thread() freezable"
|
|
general protection fault in __smc_diag_dump
|
syz |
done |
|
309 |
1952d |
1965d
|
12/26 |
1776d |
b03faa1fafc8
net/smc: postpone release of clcsock
|
|
KASAN: slab-out-of-bounds Read in rhashtable_walk_enter
|
C |
done |
|
48 |
1825d |
1829d
|
12/26 |
1792d |
526f5b851a96
tipc: fix modprobe tipc failed after switch order of device registration
|
|
KASAN: use-after-free Read in napi_gro_frags
|
C |
done |
|
16 |
1816d |
1818d
|
12/26 |
1798d |
a4270d6795b0
net-gro: fix use-after-free read in napi_gro_frags()
|
|
BUG: using __this_cpu_read() in preemptible code in ip6_finish_output
|
C |
done |
|
18807 |
1869d |
1875d
|
12/26 |
1802d |
28b05b928868
net: use correct this_cpu primitive in dev_recursion_level
|
|
WARNING: ODEBUG bug in netdev_freemem
|
syz |
done |
|
1042 |
1802d |
1967d
|
12/26 |
1802d |
a3c7cd0cdf11
batman-adv: mcast: fix multicast tt/tvlv worker locking
|
|
KASAN: use-after-free Read in __vb2_perform_fileio
|
C |
done |
|
786 |
1839d |
2030d
|
12/26 |
1802d |
d65842f7126a
media: vb2: add waiting_in_dqbuf flag
|
|
possible deadlock in acct_pin_kill
|
C |
done |
|
273 |
1845d |
2062d
|
12/26 |
1802d |
9419a3191dcb
acct_on(): don't mess with freeze protection
|
|
WARNING in compat_copy_entries (2)
|
syz |
done |
|
19416 |
1833d |
2267d
|
12/26 |
1820d |
7caa56f006e9
netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
|
|
WARNING in percpu_ref_kill_and_confirm
|
C |
done |
|
443 |
1848d |
1855d
|
12/26 |
1820d |
35fa71a030ca
io_uring: fail io_uring_register(2) on a dying io_uring instance
|
|
general protection fault in skb_queue_tail
|
C |
done |
|
35 |
1853d |
1854d
|
12/26 |
1820d |
032be5f19a94
rxrpc: fix race condition in rxrpc_input_packet()
|
|
WARNING in __kthread_bind_mask
|
C |
done |
|
2929 |
1854d |
1864d
|
12/26 |
1820d |
060586324648
io_uring: park SQPOLL thread if it's percpu
|
|
WARNING in io_uring_setup
|
C |
done |
|
3601 |
1844d |
1864d
|
12/26 |
1820d |
917257daa0fe
io_uring: only test SQPOLL cpu after we've verified it
|
|
general protection fault in xfrmi_decode_session
|
C |
done |
|
16694 |
1844d |
1916d
|
12/26 |
1820d |
6ed69184ed9c
xfrm: Reset secpath in xfrm failure
|
|
BUG: MAX_STACK_TRACE_ENTRIES too low!
|
C |
done |
|
1725 |
1880d |
1906d
|
11/26 |
1880d |
009bb421b6ce
workqueue, lockdep: Fix an alloc_workqueue() error path
|
|
general protection fault in __x86_indirect_thunk_rbx
|
C |
done |
|
16 |
2021d |
2021d
|
11/26 |
1887d |
d6367d624137
fs/locks: use properly initialized file_lock when unlocking.
|
|
WARNING: bad usercopy in corrupted (2)
|
C |
done |
|
12 |
1956d |
2003d
|
11/26 |
1888d |
bc6e019b6ee6
fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
|
|
net-next boot error: can't ssh into the instance
|
|
|
|
33 |
1938d |
1940d
|
11/26 |
1902d |
947b7ac135b1
Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
|
|
BUG: unable to handle kernel NULL pointer dereference in corrupted (3)
|
C |
|
|
1 |
1960d |
1960d
|
11/26 |
1902d |
44039e00171b
fou6: Prevent unbounded recursion in GUE error handler
|
|
net boot error: can't ssh into the instance
|
|
|
|
42 |
1938d |
1940d
|
11/26 |
1902d |
947b7ac135b1
Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
|
|
upstream boot error: can't ssh into the instance (2)
|
|
|
|
45 |
1940d |
1940d
|
11/26 |
1902d |
947b7ac135b1
Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
|
|
net build error
|
|
|
|
2 |
2066d |
2066d
|
11/26 |
1967d |
16fdf8ba9839
rds: Fix build regression.
|
|
unregister_netdevice: waiting for DEV to become free
|
C |
|
|
170521 |
2112d |
2223d
|
8/26 |
2112d |
8cc88773855f
xfrm: fix missing dst_release() after policy blocking lbcast and multicast
|
|
WARNING: kernel stack regs has bad 'bp' value (3)
|
C |
|
|
7971 |
2144d |
2299d
|
8/26 |
2142d |
b7b73cd5d746
crypto: x86/salsa20 - remove x86 salsa20 implementations
|
|
BUG: workqueue lockup (3)
|
C |
|
|
1215 |
2146d |
2199d
|
8/26 |
2142d |
4fb48871409e
restore cond_resched() in shrink_dcache_parent()
|
|
WARNING: kernel stack frame pointer has bad value
|
C |
|
|
1108 |
2144d |
2223d
|
8/26 |
2142d |
f044a84e040b
crypto: don't optimize keccakf()
|
|
general protection fault in gfn_to_rmap
|
syz |
|
|
7 |
2283d |
2393d
|
5/26 |
2195d |
b7e31be38558
KVM: x86: fix vcpu initialization with userspace lapic
|
|
BUG: workqueue lockup (2)
|
C |
|
|
406 |
2202d |
2360d
|
5/26 |
2199d |
966031f34018
n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
|
|
BUG: unable to handle kernel paging request in ata_bmdma_qc_prep
|
C |
|
|
13 |
2385d |
2393d
|
4/26 |
2250d |
058f58e235cb
libata: fix length validation of ATAPI-relayed SCSI commands
|
|
WARNING in ata_bmdma_qc_issue
|
C |
|
|
1 |
2473d |
2393d
|
4/26 |
2250d |
2c1ec6fda2d0
libata: don't try to pass through NCQ commands to non-NCQ devices
|
|
WARNING in ata_qc_issue
|
C |
|
|
35 |
2379d |
2397d
|
4/26 |
2250d |
9173e5e80729
libata: remove WARN() for DMA or PIO command without data
|
|
KASAN: use-after-free Read in get_work_pool
|
syz |
|
|
8 |
2376d |
2398d
|
4/26 |
2250d |
2cc683e88c0c
kcm: lock lower socket in kcm_attach
|
|
kernel BUG at arch/x86/kvm/x86.c:LINE!
|
syz |
|
|
20 |
2365d |
2397d
|
4/26 |
2261d |
61cb57c9ed63
KVM: x86: Exit to user-mode on #UD intercept when emulator requires
|
|
lost connection to test machine (4)
|
C |
|
|
1189 |
2275d |
2289d
|
4/26 |
2275d |
9c2d63b843a5
bpf: fix mlock precharge on arraymaps
|
|
lost connection to test machine (3)
|
C |
|
|
4251 |
2297d |
2336d
|
4/26 |
2297d |
889c604fd0b5
netfilter: x_tables: fix int overflow in xt_alloc_table_info()
|
|
WARNING in task_participate_group_stop
|
C |
|
|
29 |
2379d |
2394d
|
4/26 |
2299d |
426915796cca
kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
|
|
WARNING: kernel stack regs has bad 'bp' value (2)
|
C |
|
|
16238 |
2300d |
2365d
|
4/26 |
2300d |
d8c7fe9f2a48
crypto: x86/twofish-3way - Fix %rbp usage
|
|
BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:LINE
|
C |
|
|
19609 |
2367d |
2393d
|
4/26 |
2305d |
4d772cb85f64
KVM: x86: fix em_fxstor() sleeping while in atomic
|
|
possible deadlock in snd_seq_deliver_event
|
C |
|
|
6 |
2387d |
2397d
|
4/26 |
2309d |
1f20f9ff57ca
ALSA: seq: Fix nested rwsem annotation for lockdep splat
|
|
kernel panic: softlockup: hung tasks
|
|
|
|
2 |
2435d |
2405d
|
3/26 |
2356d |
4ba161a793d5
SUNRPC: Allow connect to return EHOSTUNREACH
|
|
kernel BUG at net/key/af_key.c:LINE!
|
C |
|
|
63 |
2407d |
2400d
|
3/26 |
2359d |
0e74aa1d79a5
xfrm: Copy policy family in clone_policy
|
|
KASAN: slab-out-of-bounds Read in tipc_nametbl_lookup_dst_nodes
|
C |
|
|
22388 |
2377d |
2400d
|
3/26 |
2365d |
f65163fed0e7
tipc: eliminate KASAN warning
|
|
general protection fault in tun_flow_cleanup
|
|
|
|
1 |
2437d |
2406d
|
3/26 |
2365d |
ee74d9967b82
tun: do not arm flow_gc_timer in tun_flow_init()
|
|
possible deadlock in generic_file_write_iter
|
C |
|
|
61506 |
2366d |
2388d
|
3/26 |
2365d |
e319e1fbd9d4
block, locking/lockdep: Assign a lock_class per gendisk used for wait_for_completion()
|
|
BUG: soft lockup
|
C |
|
|
466 |
2378d |
2392d
|
3/26 |
2376d |
9b7d869ee5a7
ALSA: timer: Limit max instances per timer
|
|
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts
|
C |
|
|
389 |
2386d |
2392d
|
3/26 |
2376d |
132d358b183a
ALSA: seq: Fix OSS sysex delivery in OSS emulation
|
|
KASAN: use-after-free Write in __run_timers
|
|
|
|
6144 |
2402d |
2462d
|
3/26 |
2383d |
0ad646c81b21
net-backports: tun: call dev_get_valid_name() before register_netdevice()
|
|
general protection fault in __list_del_entry_valid
|
C |
|
|
72 |
2386d |
2400d
|
3/26 |
2383d |
1137b5e2529a
ipsec: Fix aborted xfrm policy dump crash
|
|
BUG: workqueue lockup
|
C |
|
|
172 |
2383d |
2393d
|
3/26 |
2383d |
93161922c658
tun/tap: sanitize TUNSETSNDBUF input
|
|
WARNING in sk_stream_kill_queues
|
syz |
|
|
96 |
2469d |
2473d
|
3/26 |
2386d |
7749d4ff88d3
net-backports: dccp: purge write queue in dccp_destroy_sock()
|
|
kernel BUG at net/ipv4/tcp_output.c:LINE!
|
|
|
|
37 |
2442d |
2455d
|
3/26 |
2386d |
b1ed4c4fa9a5
tcp: add an ability to dump and restore window parameters
|
|
general protection fault in refcount_sub_and_test
|
|
|
|
1 |
2486d |
2471d
|
3/26 |
2387d |
12d94a804946
ipv6: fix NULL dereference in ip6_route_dev_notify()
|
|
KASAN: double-free or invalid-free in selinux_tun_dev_free_security
|
C |
|
|
12033 |
2463d |
2474d
|
3/26 |
2387d |
ff244c6b29b1
tun: handle register_netdevice() failures properly
|
|
BUG: unable to handle kernel NULL pointer dereference in free_fib_info_rcu
|
|
|
|
3 |
2470d |
2471d
|
3/26 |
2387d |
187e5b3ac84d
ipv4: fix NULL dereference in free_fib_info_rcu()
|
|
KASAN: use-after-free Read in dev_queue_xmit_nit
|
C |
|
|
13 |
2430d |
2441d
|
3/26 |
2387d |
008ba2a13f2d
packet: hold bind lock when rebinding to fanout hook
|
|
WARNING in fib6_del
|
|
|
|
24 |
2448d |
2461d
|
3/26 |
2387d |
7483cea79957
ipv6: fib: Unlink replaced routes from their nodes
|
|
KASAN: use-after-free Read in ccid2_hc_tx_rto_expire
|
|
|
|
5 |
2465d |
2470d
|
3/26 |
2387d |
120e9dabaf55
dccp: defer ccid_hc_tx_delete() at dismantle time
|
|
KASAN: use-after-free Read in __list_add_valid
|
syz |
|
|
26 |
2403d |
2451d
|
3/26 |
2400d |
008ba2a13f2d
packet: hold bind lock when rebinding to fanout hook
|
|
general protection fault in kvm_cpuid
|
C |
|
|
20 |
2429d |
2448d
|
3/26 |
2400d |
d1cd3ce90044
KVM: MMU: check guest CR3 reserved bits based on its physical address width.
|
|
general protection fault in skb_clone
|
syz |
|
|
3 |
2469d |
2469d
|
3/26 |
2400d |
0bbd7dad34f8
tun: make tun_build_skb() thread safe
|
|
BUG: unable to handle kernel paging request in skb_release_data
|
syz |
|
|
15 |
2469d |
2469d
|
3/26 |
2400d |
0bbd7dad34f8
tun: make tun_build_skb() thread safe
|
|
WARNING in __local_bh_enable_ip
|
|
|
|
22 |
2431d |
2438d
|
3/26 |
2400d |
930651a75bf1
bpf: do not disable/enable BH in bpf_map_free_id()
|
|
WARNING: kernel stack regs has bad 'bp' value
|
C |
|
|
66131 |
2429d |
2474d
|
3/26 |
2400d |
d3dfbfe2e6e7
crypto: x86/sha256-avx2 - Fix RBP usage
|
|
KASAN: wild-memory-access Read in skb_copy_ubufs
|
C |
|
|
23 |
2468d |
2469d
|
3/26 |
2400d |
0bbd7dad34f8
tun: make tun_build_skb() thread safe
|
|
general protection fault in __skb_flow_dissect
|
C |
|
|
37 |
2470d |
2473d
|
3/26 |
2400d |
7324157b8af1
dsa: fix flow disector null pointer
|
|
WARNING in idr_replace
|
C |
|
|
1209 |
2440d |
2473d
|
3/26 |
2400d |
a47f68d6a944
idr: remove WARN_ON_ONCE() when trying to replace negative ID
|
|
BUG: Bad page state
|
C |
|
|
2 |
2470d |
2471d
|
3/26 |
2400d |
263630e8d176
mm/madvise.c: fix freeing of locked page with MADV_FREE
|
|
possible deadlock in kcm_sendpage
|
syz |
|
|
14 |
2452d |
2455d
|
3/26 |
2400d |
351050ecd652
kcm: do not attach PF_KCM sockets to avoid deadlock
|
|
suspicious RCU usage at ./include/linux/kvm_host.h:LINE
|
C |
|
|
103402 |
2429d |
2474d
|
3/26 |
2400d |
021086e383fa
KVM: fix rcu warning on VM_CREATE errors
|
|
general protection fault in skb_release_data
|
syz |
|
|
198 |
2468d |
2470d
|
3/26 |
2400d |
0bbd7dad34f8
tun: make tun_build_skb() thread safe
|
|
general protection fault in fib_dump_info
|
C |
|
|
428 |
2463d |
2474d
|
3/26 |
2400d |
bc3aae2bbac4
net: check and errout if res->fi is NULL when RTM_F_FIB_MATCH is set
|
|
KASAN: use-after-free Read in free_ldt_struct
|
C |
|
|
109 |
2457d |
2472d
|
3/26 |
2400d |
ccd5b3235180
x86/mm: Fix use-after-free of ldt_struct
|
|
general protection fault in fib6_add
|
|
|
|
18 |
2464d |
2471d
|
3/26 |
2400d |
348a4002729c
ipv6: repair fib6 tree in failure case
|
|
general protection fault in SyS_bpf
|
C |
|
|
10 |
2459d |
2460d
|
3/26 |
2400d |
ae2b27b859a1
bpf: fix a return in sockmap_get_from_fd()
|
|
general protection fault in __ip_options_echo (2)
|
C |
|
|
2 |
2449d |
2449d
|
3/26 |
2400d |
ca2c1418efe9
udp: drop head states only when all skb references are gone
|
|
KASAN: use-after-free Read in ip6_pol_route
|
|
|
|
249 |
2463d |
2472d
|
3/26 |
2400d |
383143f31d7d
ipv6: reset fn->rr_ptr when replacing route
|
|
KASAN: use-after-free Read in get_mm_exe_file
|
C |
|
|
2 |
2464d |
2469d
|
3/26 |
2400d |
2b7e8665b4ff
fork: fix incorrect fput of ->exe_file causing use-after-free
|
|
WARNING in refcount_inc
|
|
|
|
7 |
2454d |
2462d
|
3/26 |
2400d |
551143d8d954
net_sched: fix a refcount_t issue with noop_qdisc
|
|
kernel BUG at mm/slab.c:LINE!
|
C |
|
|
860 |
2448d |
2451d
|
3/26 |
2400d |
96e5ae4e76f1
bpf: fix numa_node validation
|
|
BUG: unable to handle kernel NULL pointer dereference at ADDR
|
C |
|
|
63 |
2457d |
2472d
|
3/26 |
2400d |
3fd871270732
strparser: initialize all callbacks
|
|
KASAN: use-after-free Read in skb_push
|
|
|
|
4 |
2464d |
2471d
|
3/26 |
2400d |
5bfd37b4de5c
tipc: fix use-after-free
|
|
KASAN: slab-out-of-bounds Read in skb_release_data
|
|
|
|
1 |
2469d |
2469d
|
3/26 |
2400d |
0bbd7dad34f8
tun: make tun_build_skb() thread safe
|
|
general protection fault in perf_trace_block_get_rq
|
C |
|
|
180 |
2440d |
2450d
|
3/26 |
2400d |
f8e9ec16611b
block: tolerate tracing of NULL bio
|
|
KASAN: use-after-free Read in skb_release_data
|
syz |
|
|
7 |
2470d |
2469d
|
3/26 |
2400d |
0bbd7dad34f8
tun: make tun_build_skb() thread safe
|
|
WARNING in kvm_arch_vcpu_ioctl_run
|
C |
|
|
20284 |
2429d |
2494d
|
3/26 |
2429d |
bbeac2830f4d
KVM: X86: Fix residual mmio emulation request to userspace
|
|
INFO: task hung
|
C |
|
|
13878 |
2429d |
2494d
|
3/26 |
2429d |
bd9dfc54e392
tcp: fix hang in tcp_sendpage_locked()
|
|
kernel BUG at mm/usercopy.c:LINE!
|
C |
|
|
23 |
2469d |
2474d
|
2/26 |
2449d |
fd851ba9caa9
udp: harden copy_linear_skb()
|
|
inconsistent lock state in sk_clone_lock
|
C |
|
|
16 |
2470d |
2474d
|
2/26 |
2449d |
d624d276d1dd
tcp: fix possible deadlock in TCP stack vs BPF filter
|
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE
|
C |
|
|
8 |
2471d |
2474d
|
2/26 |
2449d |
36f41f8fc6d8
af_key: do not use GFP_KERNEL in atomic contexts
|